CVE-2005-0513 in Pmachine Pro
Summary
by MITRE
PHP remote file inclusion vulnerability in mail_autocheck.php in the Email This Entry add-on for pMachine Pro 2.4, and possibly other versions including pMachine Free, allows remote attackers to execute arbitrary PHP code by directly requesting mail_autocheck.php and modifying the pm_path parameter to reference a URL on a remote web server that contains the code, a different vulnerability than CVE-2003-1086.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Analysis
by VulDB Data Team • 10/27/2025
The vulnerability described in CVE-2005-0513 represents a critical remote file inclusion flaw affecting the Email This Entry add-on for pMachine Pro 2.4 and potentially other versions including pMachine Free. This vulnerability resides within the mail_autocheck.php script which fails to properly validate or sanitize user input parameters before incorporating them into file inclusion operations. The flaw specifically manifests when attackers manipulate the pm_path parameter to point to external web servers containing malicious PHP code, enabling arbitrary code execution on the vulnerable system.
This vulnerability operates under the common weakness enumeration CWE-98 which categorizes improper input validation leading to remote file inclusion attacks. The attack vector leverages the lack of proper parameter sanitization in the mail_autocheck.php script where user-supplied input directly influences file inclusion operations. The vulnerability differs from CVE-2003-1086 by targeting a specific add-on component rather than the core pMachine application, though both represent the same fundamental class of vulnerability. The attack scenario involves an attacker constructing a malicious URL that includes the vulnerable mail_autocheck.php script with a crafted pm_path parameter pointing to a remote server hosting malicious code.
The operational impact of this vulnerability is severe as it allows remote attackers to execute arbitrary PHP code on the affected system without authentication. This creates a complete compromise scenario where attackers can gain full control over the web server, potentially leading to data theft, system infiltration, or use as a launch point for further attacks within the network. The vulnerability affects not just pMachine Pro 2.4 but also potentially pMachine Free, indicating a widespread issue within the product line that could impact numerous installations. The remote nature of the exploit means that attackers do not need physical access or local network presence to exploit the vulnerability.
From an attack framework perspective, this vulnerability aligns with techniques described in the attack tree methodology where attackers can leverage web application vulnerabilities to achieve privilege escalation and persistent access. The vulnerability demonstrates a classic example of how insecure parameter handling in web applications can lead to complete system compromise. Organizations using affected versions of pMachine should consider implementing immediate mitigations including input validation, parameter sanitization, and potentially disabling the vulnerable add-on until proper patches are applied. The vulnerability also highlights the importance of following secure coding practices that prevent dynamic code execution based on user input, which is fundamental to preventing such remote code execution scenarios.