CVE-2009-2787

Reputation plugin for PunBB <= 2.2.4 - Remote File Inclusion via pun_user[language] Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-2787. PoCs published by Dante90.

AI-analyzed exploit summary This exploit targets a Local File Inclusion (LFI) vulnerability in PunBB Reputation.php Mod <= v2.0.4. It leverages path traversal to read arbitrary files (e.g., /etc/passwd) by manipulating the 'pun_user[language]' parameter with null byte termination.

Description

Directory traversal vulnerability in include/reputation/rep_profile.php in the Reputation plugin 2.2.4, 2.2.3, 2.0.4, and earlier for PunBB, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pun_user[language] parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Dante90 · perlwebappsphp

https://www.exploit-db.com/exploits/9315

View Code ZIP pw:eip

This exploit targets a Local File Inclusion (LFI) vulnerability in PunBB Reputation.php Mod <= v2.0.4. It leverages path traversal to read arbitrary files (e.g., /etc/passwd) by manipulating the 'pun_user[language]' parameter with null byte termination.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: PunBB Reputation.php Mod <= v2.0.4

No auth needed

Prerequisites: register_globals = On · magic_quotes_gpc = On · vulnerable PunBB installation

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1005 - Data from Local System

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/56613

Exploit, Third Party Advisory exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/9315

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/52138

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/36020

Exploit x_refsource_misc

http://packetstormsecurity.org/0907-exploits/punbbrep-lfi.txt

Scores

EPSS 0.0417

EPSS Percentile 89.6%

Details

CWE

CWE-22

Status published

Products (3)

reputation/reputation 2.0.4

reputation/reputation 2.2.3

reputation/reputation < 2.2.4

Published Aug 17, 2009

Tracked Since Feb 18, 2026