Vulnerabilities > CVE-2007-2272 - Remote File Include vulnerability in Advanced Webhost Billing System Advanced Webhost Billing System 2.4.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
advanced-webhost-billing-system
exploit available

Summary

PHP remote file inclusion vulnerability in docs/front-end-demo/cart2.php in Advanced Webhost Billing System (AWBS) 2.4.0 allows remote attackers to execute arbitrary PHP code via a URL in the workdir parameter.

Exploit-Db

descriptionAdvanced Webhost Billing System (AWBS) cart2.php RFI Vulnerability. CVE-2007-2272. Webapps exploit for php platform
fileexploits/php/webapps/3795.txt
idEDB-ID:3795
last seen2016-01-31
modified2007-04-24
platformphp
port
published2007-04-24
reporterDamaR
sourcehttps://www.exploit-db.com/download/3795/
titleAdvanced Webhost Billing System AWBS cart2.php RFI Vulnerability
typewebapps