CVE-2009-0463
Groone GLinks 2.1 - Remote Code Execution via abspath Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2009-0463. PoCs published by k3vin mitnick.
AI-analyzed exploit summary This exploit demonstrates a remote file inclusion vulnerability in GLINKS v2.1 by manipulating the 'abspath' parameter in the header.php file to include arbitrary remote files. The vulnerability arises due to improper input validation and path handling.
Description
PHP remote file inclusion vulnerability in includes/header.php in Groone GLinks 2.1 allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter.
Exploits (1)
This exploit demonstrates a remote file inclusion vulnerability in GLINKS v2.1 by manipulating the 'abspath' parameter in the header.php file to include arbitrary remote files. The vulnerability arises due to improper input validation and path handling.