CVE-2008-0502

Connectix Boards < 0.8.2 - Remote Code Execution via Template Path Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0502. PoCs published by Houssamix.

AI-analyzed exploit summary This Perl script exploits a Remote File Inclusion (RFI) vulnerability in Connectix Boards <=0.8.2 by injecting a remote shell via the 'template_path' parameter. It allows arbitrary command execution by fetching and executing commands from a remote file.

Description

PHP remote file inclusion vulnerability in templates/Official/part_userprofile.php in Connectix Boards 0.8.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the template_path parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Houssamix · perlwebappsphp

https://www.exploit-db.com/exploits/5012

View Code ZIP pw:eip

This Perl script exploits a Remote File Inclusion (RFI) vulnerability in Connectix Boards <=0.8.2 by injecting a remote shell via the 'template_path' parameter. It allows arbitrary command execution by fetching and executing commands from a remote file.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Connectix Boards <=0.8.2

No auth needed

Prerequisites: Remote shell file hosted on an accessible server · Network access to the vulnerable Connectix Boards instance

MITRE ATT&CK