CVE-2007-5842
Vortex Portal 1.0.42 - Remote Code Execution via cfgProgDir Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2007-5842. PoCs published by ShAy6oOoN.
AI-analyzed exploit summary This is a writeup describing a Remote File Inclusion (RFI) vulnerability in Vortex Portal 1.0.42. It provides paths for exploitation but does not include actual exploit code or payloads.
Description
Multiple PHP remote file inclusion vulnerabilities in Vortex Portal 1.0.42 allow remote attackers to execute arbitrary PHP code via a URL in the cfgProgDir parameter to (1) admincp/auth/secure.php or (2) admincp/auth/checklogin.php.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by ShAy6oOoN · textwebappsphp
https://www.exploit-db.com/exploits/4605
This is a writeup describing a Remote File Inclusion (RFI) vulnerability in Vortex Portal 1.0.42. It provides paths for exploitation but does not include actual exploit code or payloads.
Classification
Writeup 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Theoretical
Target:
Vortex Portal 1.0.42
No auth needed
Prerequisites:
register_globals enabled · remote file inclusion vulnerability in the target software
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/26325
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/38254
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3752
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/4605
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/38490
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/38489
Scores
EPSS
0.4646
EPSS Percentile
98.7%
Details
CWE
CWE-94
Status
published
Products (1)
vortex_portal/vortex_portal
1.0.42
Published
Nov 06, 2007
Tracked Since
Feb 18, 2026