CVE-2007-3057
Published: 2007-06-06
- Priority: P3 · 48
- Severity: medium, 6.8 (CVSS 2.0)
- Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
- Tag: EXPLOIT
- EPSS: 68.67% (99.3rd percentile)
PHP remote file inclusion vulnerability in include/wysiwyg/spaw_control.class.php in the icontent 4.5 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| xoops | icontent_module | — | — |
Detection & IOCs (extracted from sources)
- Detect HTTP requests targeting the vulnerable file path with a remote URL supplied in the spaw_root parameter.
- Alert on GET/POST requests to /modules/icontent/include/wysiwyg/spaw_control.class.php containing 'spaw_root=' with an http:// or https:// value (remote file inclusion pattern).
- This issue is noted as likely a duplicate of an earlier CVE; verify whether the same vulnerable file is already covered under CVE-2006-4656 to avoid duplicate alerting.
- The exploit targets both icontent v1.0 and v4.5; detection rules should cover both version paths if directory structures differ.
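One way to implement the alert described in the list above, as an added example that is not part of the original page or of any vendor rule set: a Python scan over web server access logs. The log lines are constructed and the `icontent_v1` directory name is hypothetical; matching on the file suffix and on percent-decoded, case-insensitive schemes goes slightly beyond the literal pattern in the text.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Request field of an Apache/nginx combined-format access log line.
REQUEST_RE = re.compile(
    r'^(?P<src>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# File named in the advisory. Matching on the suffix also covers installs
# where the module directory differs between versions.
VULN_SUFFIX = "/include/wysiwyg/spaw_control.class.php"
REMOTE_URL_RE = re.compile(r"^\s*https?://", re.IGNORECASE)

def check_line(line):
    """Return a finding dict if the log line matches the RFI pattern, else None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    if not parts.path.lower().endswith(VULN_SUFFIX):
        return None
    # parse_qsl percent-decodes values, so http%3A%2F%2F... is caught as well.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name.lower() == "spaw_root" and REMOTE_URL_RE.match(value):
            return {"src": m.group("src"), "method": m.group("method"),
                    "path": parts.path, "spaw_root": value}
    return None

def scan(lines):
    """Collect findings for every matching line."""
    return [f for f in map(check_line, lines) if f is not None]

# Constructed sample lines (documentation IP ranges, example domains).
SAMPLE_LOG = [
    f'198.51.100.7 - - [06/Jun/2007:10:00:01 +0000] "GET /modules/icontent{VULN_SUFFIX}'
    '?spaw_root=http://files.example.net/x.txt HTTP/1.1" 200 512',
    f'203.0.113.9 - - [06/Jun/2007:10:00:05 +0000] "GET /modules/icontent_v1{VULN_SUFFIX}'
    '?spaw_root=HTTPS%3A%2F%2Ffiles.example.net%2Fx.txt HTTP/1.0" 200 512',
    f'192.0.2.10 - - [06/Jun/2007:10:01:00 +0000] "GET /modules/icontent{VULN_SUFFIX}'
    '?spaw_root=/modules/icontent/include/wysiwyg/ HTTP/1.1" 200 2048',
    '192.0.2.11 - - [06/Jun/2007:10:02:00 +0000] "GET /index.php'
    '?url=http://www.example.org/ HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Access logs record only the query string, so POST requests carrying spaw_root in the body need the same check at a WAF or reverse proxy that inspects request bodies.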
No detection rules found.
No writeups or analysis indexed.
References
- http://attrition.org/pipermail/vim/2007-June/001639.html
- http://osvdb.org/35381
- http://secunia.com/advisories/25522
- http://www.securityfocus.com/bid/24302
- http://www.vupen.com/english/advisories/2007/2047
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34681
- https://www.exploit-db.com/exploits/4022