Exploitation Summary
EIP tracks 1 public exploit for CVE-2009-0639. PoCs published by Arka69.
AI-analyzed exploit summary This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in phpyabs 0.1.2 due to unsanitized user input in the 'Azione' parameter. The vulnerable code directly includes a file based on the 'Azione' GET parameter, allowing an attacker to execute arbitrary PHP code by including a remote shell.
Description
PHP remote file inclusion vulnerability in moduli/libri/index.php in phpyabs 0.1.2 allows remote attackers to execute arbitrary PHP code via a URL in the Azione parameter.
Exploits (1)
This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in phpyabs 0.1.2 due to unsanitized user input in the 'Azione' parameter. The vulnerable code directly includes a file based on the 'Azione' GET parameter, allowing an attacker to execute arbitrary PHP code by including a remote shell.