CVE-2010-0755

WikyBlog 1.7.3 rc2 - RCE

Title source: llm

Description

PHP remote file inclusion vulnerability in include/WBmap.php in WikyBlog 1.7.3 rc2 allows remote attackers to execute arbitrary PHP code via a URL in the langFile parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by indoushka · textwebappsphp

https://www.exploit-db.com/exploits/11560

View Code ZIP pw:eip

References (5)

[Exploit] http://packetstormsecurity.org/1002-exploits/wikyblog-rfishellxss.txt

[Exploit] http://www.exploit-db.com/exploits/11560

[Exploit] http://www.securityfocus.com/bid/38386

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/56519

[Third Party Advisory, VDB Entry] http://osvdb.org/62647

Scores

EPSS 0.0164

EPSS Percentile 81.7%

Classification

CWE

CWE-94

Status draft

Affected Products (1)

wikyblog/wikyblog

Timeline

Published Feb 27, 2010

Tracked Since Feb 18, 2026