CVE-2008-1059
Sniplets Plugin 1.1.2 and 1.2.2 - Remote Code Execution via libpath Parameter
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2008-1059. PoCs published by NBBN. A Nuclei detection template is also available.
AI-analyzed exploit summary: The exploit demonstrates multiple vulnerabilities in WordPress Plugin Sniplets 1.1.2, including Remote File Inclusion (RFI), Cross-Site Scripting (XSS), and Remote Code Execution (RCE). The RFI and RCE vulnerabilities require 'Register Globals' to be enabled, while XSS can occur with or without it.
Description
PHP remote file inclusion vulnerability in modules/syntax_highlight.php in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the libpath parameter.