CVE-2009-2641

School Data Navigator - Remote File Inclusion Code Execution

Title source: manual
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-2641. PoCs published by Br0ly.

AI-analyzed exploit summary This exploit demonstrates a Local/Remote File Inclusion vulnerability in School Data Navigator due to improper variable declaration in index.php. It allows RFI if allow_url_fopen is enabled and LFI if magic_quotes_gpc is disabled, requiring register_globals to be on.

Description

PHP remote file inclusion vulnerability in app_and_readme/navigator/index.php in School Data Navigator allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via .. (dot dot) sequences.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Br0ly · textwebappsphp
https://www.exploit-db.com/exploits/8924

This exploit demonstrates a Local/Remote File Inclusion vulnerability in School Data Navigator due to improper variable declaration in index.php. It allows RFI if allow_url_fopen is enabled and LFI if magic_quotes_gpc is disabled, requiring register_globals to be on.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: School Data Navigator (version not specified)
No auth needed
Prerequisites: allow_url_fopen=on (for RFI) · magic_quotes_gpc=off (for LFI) · register_globals=on
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/8924

Scores

EPSS 0.0168
EPSS Percentile 73.9%

Details

CWE
CWE-94
Status published
Products (1)
rich_white/school_data_nav
Published Jul 28, 2009
Tracked Since Feb 18, 2026