Exploitation Summary
EIP tracks 1 public exploit for CVE-2009-0340. PoCs published by ahmadbady.
AI-analyzed exploit summary This exploit demonstrates a local file inclusion vulnerability in Simple PHP Newsletter 1.5, allowing an attacker to read arbitrary files by manipulating the 'olang' parameter in mail.php and mailbar.php.
Description
Multiple directory traversal vulnerabilities in Simple PHP Newsletter 1.5 allow remote attackers to read arbitrary files via a .. (dot dot) in the olang parameter to (1) mail.php and (2) mailbar.php.
Exploits (1)
This exploit demonstrates a local file inclusion vulnerability in Simple PHP Newsletter 1.5, allowing an attacker to read arbitrary files by manipulating the 'olang' parameter in mail.php and mailbar.php.