CVE-2007-5845

GuppY <4.6.3, 4.5.16 - Path Traversal

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2007-5845. PoCs published by irk4z, rgod.

AI-analyzed exploit summary The exploit demonstrates a remote file inclusion (RFI) and local file inclusion (LFI) vulnerability in GuppY 4.6.3 due to improper input validation in the 'selskin' parameter and 'xposbox[L][]' array. It includes functional PoC URLs and an HTML form for file upload exploitation.

Description

Directory traversal vulnerability in error.php in GuppY 4.6.3, 4.5.16, and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the id parameter. NOTE: this can be leveraged to bypass authentication and upload arbitrary files by including admin/inc/upload.inc and specifying certain multipart/form-data input for admin/inc/upload.inc.

Exploits (2)

exploitdb WORKING POC VERIFIED

by irk4z · textwebappsphp

https://www.exploit-db.com/exploits/4602

View Code ZIP pw:eip

The exploit demonstrates a remote file inclusion (RFI) and local file inclusion (LFI) vulnerability in GuppY 4.6.3 due to improper input validation in the 'selskin' parameter and 'xposbox[L][]' array. It includes functional PoC URLs and an HTML form for file upload exploitation.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: GuppY 4.6.3

No auth needed

Prerequisites: Target running GuppY 4.6.3 · Network access to the target

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by rgod · phpwebappsphp

https://www.exploit-db.com/exploits/3221

View Code ZIP pw:eip

This exploit targets a remote command execution vulnerability in Guppy CMS <= 4.5.16 by injecting malicious PHP code via manipulated HTTP headers and form data. It bypasses PHP security settings like magic_quotes_gpc and register_globals through a combination of cookie and POST parameter manipulation.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Guppy CMS <= 4.5.16

No auth needed

Prerequisites: Target must be running Guppy CMS <= 4.5.16 · error.php must be accessible · data/ folder must have write permissions

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/38492

Exploit x_refsource_misc

http://retrogod.altervista.org/guppy_4516_cmd.html

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/3221

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/4602

Scores

EPSS 0.0298

EPSS Percentile 85.5%

Details

CWE

CWE-94

Status published

Products (2)

guppy/guppy 4.6.3

guppy/guppy < 4.5.16

Published Nov 06, 2007

Tracked Since Feb 18, 2026