CVE-2008-0390

AuraCMS 1.62 - Remote Code Execution via X-Forwarded-For Header

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0390. PoCs published by k1tk4t.

AI-analyzed exploit summary: This exploit targets a remote code execution vulnerability in AuraCMS 1.62 by injecting malicious PHP code via the HTTP_X_FORWARDED_FOR header. The injected code is then executed by accessing the online.db.txt file.

Description

stat.php in AuraCMS 1.62, and Mod Block Statistik for AuraCMS, allows remote attackers to inject arbitrary PHP code into online.db.txt via the X-Forwarded-For HTTP header in a stat action to index.php, and execute online.db.txt via a certain request to index.php.

Exploits (1)

exploitdb · Working PoC · Verified
by k1tk4t · perl · webapps · php
https://www.exploit-db.com/exploits/4933

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: AuraCMS 1.62
No auth needed
Prerequisites: Target must be running AuraCMS 1.62 with the vulnerable stat.php file · Network access to the target server
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27342
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/4933
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/39777

Scores

EPSS 0.0232
EPSS Percentile 81.2%

Details

CWE: CWE-94
Status: published
Products (2)
auracms/auracms 1.62
auracms/mod_block_statistik
Published: Jan 23, 2008
Tracked Since: Feb 18, 2026