Vulnerabilities > CVE-2007-1778 - Remote File Include vulnerability in Eve-Nuke Forum 0.1

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
eve-nuke
critical
exploit available

Summary

PHP remote file inclusion vulnerability in db/mysql.php in the Eve-Nuke 0.1 (EN-Forums) module for PHP-Nuke allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

Vulnerable Configurations

Part Description Count
Application
Eve-Nuke
1

Exploit-Db

descriptionPHP-Nuke Module Eve-Nuke 0.1 (mysql.php) RFI Vulnerability. CVE-2007-1778. Webapps exploit for php platform
fileexploits/php/webapps/3591.txt
idEDB-ID:3591
last seen2016-01-31
modified2007-03-27
platformphp
port
published2007-03-27
reporterThE TiGeR
sourcehttps://www.exploit-db.com/download/3591/
titlePHP-Nuke Module Eve-Nuke 0.1 mysql.php RFI Vulnerability
typewebapps