Exploitation Summary
EIP tracks 1 public exploit for CVE-2010-4988. PoCs published by lumut--.
AI-analyzed exploit summary This exploit demonstrates a Remote File Include (RFI) vulnerability in Who is Chatting 2.2.3. The vulnerability arises from improper sanitization of the TMPL[path] parameter in header.php, allowing an attacker to include arbitrary remote files.
Description
PHP remote file inclusion vulnerability in mod_chatting/themes/default/header.php in Family Connections Who is Chatting 2.2.3 allows remote attackers to execute arbitrary PHP code via a URL in the TMPL[path] parameter.
Exploits (1)
This exploit demonstrates a Remote File Include (RFI) vulnerability in Who is Chatting 2.2.3. The vulnerability arises from improper sanitization of the TMPL[path] parameter in header.php, allowing an attacker to include arbitrary remote files.