CVE-2009-2112

EIP tracks 1 public exploit for CVE-2009-2112. PoCs published by ahmadbady.

AI-analyzed exploit summary This exploit leverages a local file inclusion vulnerability in PHP Forum by manipulating the `_FORUM[settings_design_style]` parameter to include arbitrary local files via null byte termination. The vulnerability allows attackers to read sensitive files on the server.

Directory traversal vulnerability in include/page_bottom.php in phpFK 7.03 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the _FORUM[settings_design_style] parameter.