Remote File Inclusion Vulnerabilities in PMB Services by PMB
CVE-2007-1415

Currently unrated

Key Information:

Vendor: Pmb Services
Status: Pmb Services
Vendor: CVE Published:; 12 March 2007

🔔 Create Pmb Services Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 10%

What is CVE-2007-1415?

PMB Services versions prior to 3.0.14 are susceptible to several remote file inclusion (RFI) vulnerabilities. These weaknesses allow attackers to execute arbitrary PHP code, potentially compromising the system. The vulnerabilities may be exploited through various parameters in multiple script files, such as class_path, base_path, and include_path. Successful exploitation could lead to unauthorized access and manipulation of application functionality, posing significant security risks.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2007-1415 - Proof of Concept

References

http://www.osvdb.org/35115

vdb-entryx_refsource_OSVDB

http://www.osvdb.org/35111

vdb-entryx_refsource_OSVDB

http://www.osvdb.org/35116

vdb-entryx_refsource_OSVDB

EPSS Score

10% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Mar 12, 2007
👾
Exploit known to exist
Mar 12, 2007
Vulnerability published
Mar 12, 2007
Vulnerability Reserved
Mar 12, 2007

CVE-2007-1415 Data

JSON