Vulnerabilities > CVE-2007-0181 - Remote File Include vulnerability in Magic Photo Storage Website

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
scriptaty
exploit available
NVD
Published: 2007-01-11
Updated: 2018-10-16

Summary

PHP remote file inclusion vulnerability in include/common_function.php in magic photo storage website allows remote attackers to execute arbitrary PHP code via a URL in the _config[site_path] parameter.

Vulnerable Configurations

Part Description Count
Application
Scriptaty
1

Exploit-Db

descriptionMagic Photo Storage Website _config[site_path] File Include Vuln. CVE-2007-0181. Webapps exploit for php platform
fileexploits/php/webapps/3100.txt
idEDB-ID:3100
last seen2016-01-31
modified2007-01-08
platformphp
port
published2007-01-08
reporterk1tk4t
sourcehttps://www.exploit-db.com/download/3100/
titleMagic Photo Storage Website - _configsite_path File Include Vuln
typewebapps

References