CVE-2007-6485
Centreon 1.4.1 - Remote Code Execution via FileOreonConf Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2007-6485. PoCs published by Michael Brooks.
AI-analyzed exploit summary This is a writeup describing a remote file inclusion (RFI) vulnerability in Oreon and Centreon versions 1.4 and 1.4.1. The vulnerability allows an attacker to include arbitrary remote files via the 'fileOreonConf' parameter in specific PHP scripts.
Description
Multiple PHP remote file inclusion vulnerabilities in Centreon 1.4.1 (aka Oreon 1.4) allow remote attackers to execute arbitrary PHP code via a URL in the fileOreonConf parameter to (1) MakeXML.php or (2) MakeXML4statusCounter.php in include/monitoring/engine/.
Exploits (1)
This is a writeup describing a remote file inclusion (RFI) vulnerability in Oreon and Centreon versions 1.4 and 1.4.1. The vulnerability allows an attacker to include arbitrary remote files via the 'fileOreonConf' parameter in specific PHP scripts.