CVE-2010-0755 in WikyBlog
Summary
by MITRE
PHP remote file inclusion vulnerability in include/WBmap.php in WikyBlog 1.7.3 rc2 allows remote attackers to execute arbitrary PHP code via a URL in the langFile parameter.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Analysis
by VulDB Data Team • 05/01/2026
The vulnerability identified as CVE-2010-0755 represents a critical remote file inclusion flaw in WikyBlog version 1.7.3 rc2 that exposes the application to arbitrary code execution attacks. This vulnerability specifically affects the include/WBmap.php file where user-supplied input is improperly validated and directly incorporated into file inclusion operations. The issue manifests when the langFile parameter receives a URL value that is subsequently processed by the application's include mechanism, creating a pathway for attackers to inject and execute malicious PHP code on the target server. Such vulnerabilities fall under the category of CWE-88, which describes improper neutralization of special elements used in an expression, specifically highlighting the dangerous practice of directly incorporating user input into file operations without proper sanitization or validation.
The technical exploitation of this vulnerability occurs when an attacker crafts a malicious URL and passes it as the langFile parameter to the vulnerable WBmap.php script. The application processes this input without adequate validation, allowing the remote file inclusion to proceed and execute the attacker-controlled code. This type of vulnerability enables attackers to perform a wide range of malicious activities including but not limited to data exfiltration, server compromise, privilege escalation, and establishment of persistent backdoors. The impact extends beyond immediate code execution as it can lead to complete system compromise and unauthorized access to sensitive data stored on the affected server. According to the ATT&CK framework, this vulnerability aligns with techniques such as T1059.007 for command and scripting interpreter and T1078 for valid accounts, as successful exploitation typically requires the attacker to establish a foothold that can be maintained through persistent access mechanisms.
The operational consequences of this vulnerability are severe for any organization running affected WikyBlog installations, as it provides attackers with unrestricted access to the server environment. The vulnerability can be exploited remotely without requiring authentication, making it particularly dangerous for web applications that are publicly accessible. Organizations may experience data breaches, service disruption, and potential regulatory compliance violations depending on the nature of data hosted on the compromised systems. The vulnerability demonstrates poor input validation practices and highlights the importance of implementing proper security controls such as input sanitization, output encoding, and secure coding practices. Mitigation strategies should include immediate patching of the vulnerable application, implementing web application firewalls to detect and block malicious requests, and conducting thorough security assessments to identify similar vulnerabilities in other components of the web infrastructure. Additionally, organizations should enforce principle of least privilege and implement proper network segmentation to limit the potential impact of successful exploitation attempts.