CVE-2009-0464
Groone GBook 2.0 - Remote Code Execution via abspath Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2009-0464. PoCs published by k3vin mitnick.
AI-analyzed exploit summary This exploit demonstrates a Remote File Include (RFI) vulnerability in GBOOK v2.0, allowing an attacker to include and execute arbitrary remote files via the 'abspath' parameter in header.php. The vulnerability arises from improper input validation and insecure PHP include usage.
Description
PHP remote file inclusion vulnerability in includes/header.php in Groone GBook 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter.
Exploits (1)
This exploit demonstrates a Remote File Include (RFI) vulnerability in GBOOK v2.0, allowing an attacker to include and execute arbitrary remote files via the 'abspath' parameter in header.php. The vulnerability arises from improper input validation and insecure PHP include usage.