CVE-2007-5642

PHP Project Management < 0.8.10 - Path Traversal via Multiple Module Parameters

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-5642. PoCs published by GoLd_M.

AI-analyzed exploit summary This exploit demonstrates multiple Remote File Inclusion (RFI) and Local File Inclusion (LFI) vulnerabilities in PHP Project Management <= 0.8.10. It provides paths to inject remote or local files via the 'full_path' or 'module' parameters in various modules.

Description

Multiple directory traversal vulnerabilities in PHP Project Management 0.8.10 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the def_lang parameter to modules/files/list.php; the m_path parameter to (2) modules/projects/summary.inc.php or (3) modules/tasks/summary.inc.php; (4) the module parameter to modules/projects/list.php; or the module parameter to index.php in the (5) certinfo, (6) emails, (7) events, (8) fax, (9) files, (10) groupadm, (11) history, (12) info, (13) log, (14) mail, (15) messages, (16) organizations, (17) phones, (18) presence, (19) projects, (20) reports, (21) search, (22) snf, (23) syslog, (24) tasks, or (25) useradm subdirectory of modules/.

Exploits (1)

exploitdb WORKING POC VERIFIED

by GoLd_M · textwebappsphp

https://www.exploit-db.com/exploits/4549

View Code ZIP pw:eip

This exploit demonstrates multiple Remote File Inclusion (RFI) and Local File Inclusion (LFI) vulnerabilities in PHP Project Management <= 0.8.10. It provides paths to inject remote or local files via the 'full_path' or 'module' parameters in various modules.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: PHP Project Management <= 0.8.10

No auth needed

Prerequisites: Network access to the target application · Ability to host a malicious file for RFI

MITRE ATT&CK