CVE-2007-6188

TuMusika Evolution 1.7R5 - Path Traversal

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-6188. PoCs published by GoLd_M.

AI-analyzed exploit summary The exploit demonstrates a directory traversal vulnerability in TuMusika Evolution 1.7R5, allowing remote file disclosure via the `sc_download.php` script and local file inclusion via language parameter manipulation. The PoC includes clear examples of exploiting these vulnerabilities to read arbitrary files like `/etc/passwd`.

Description

Multiple directory traversal vulnerabilities in TuMusika Evolution 1.7R5 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter to (1) languages_n.php, (2) languages_f.php, or (3) languages.php in inc/; and (4) allow remote attackers to read arbitrary local files via a .. (dot dot) in the uri parameter to frames/nogui/sc_download.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by GoLd_M · textwebappsphp

https://www.exploit-db.com/exploits/4674

View Code ZIP pw:eip

The exploit demonstrates a directory traversal vulnerability in TuMusika Evolution 1.7R5, allowing remote file disclosure via the `sc_download.php` script and local file inclusion via language parameter manipulation. The PoC includes clear examples of exploiting these vulnerabilities to read arbitrary files like `/etc/passwd`.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: TuMusika Evolution 1.7R5

No auth needed

Prerequisites: Network access to the vulnerable application

MITRE ATT&CK