CVE-2007-6179

EIP tracks 1 public exploit for CVE-2007-6179. PoCs published by MhZ91.

AI-analyzed exploit summary This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in Charray CMS due to improper input validation in the 'ccms_library_path' parameter. The vulnerability allows remote attackers to include and execute arbitrary PHP code by manipulating the parameter in 'markdown.php' or 'gallery.php'.

Multiple PHP remote file inclusion vulnerabilities in Charray's CMS 0.9.3 allow remote attackers to execute arbitrary PHP code via a URL in the ccms_library_path parameter to (1) markdown.php and (2) gallery.php in decoder/.