The exploit demonstrates a Remote File Inclusion (RFI) vulnerability in Ptag <= 4.0.0 by manipulating the 'ptag_dir' parameter in session.php and sql.php to include arbitrary remote files. The PoC shows how an attacker can inject a shell by appending the malicious URL to the vulnerable parameter.
Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Ptag <= 4.0.0
No auth needed
Prerequisites: Network access to the target application · Ability to host a malicious file on a remote server