CVE-2007-4886
published 2007-09-14CVE-2007-4886: Incomplete blacklist vulnerability in index.php in AuraCMS 1.x and probably 2.x allows remote attackers to execute arbitrary PHP code via a (1) UNC share…
PriorityP339medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
2.07%
79.1th percentile
Incomplete blacklist vulnerability in index.php in AuraCMS 1.x and probably 2.x allows remote attackers to execute arbitrary PHP code via a (1) UNC share pathname, or a (2) ftp, (3) ftps, or (4) ssh2.sftp URL, in the pilih parameter, for which PHP remote file inclusion is blocked only for http URLs.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| auracms | auracms | — | — |
| auracms | auracms | — | — |
| auracms | auracms | — | — |
| auracms | auracms | — | — |
| auracms | auracms | — | — |
| auracms | auracms | — | — |
| auracms | auracms | — | — |
| auracms | auracms | — | — |
| auracms | auracms | — | — |
| auracms | auracms | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
AuraCMS 2.1 - Remote File Attachment / Local File Inclusion
exploitdb·2007-09-10
CVE-2007-4908 AuraCMS 2.1 - Remote File Attachment / Local File Inclusion
AuraCMS 2.1 - Remote File Attachment / Local File Inclusion
---
########################################################################
# AuraCMS 2.1 - Remote File Attachment - Local File Inclusion
# Vendor : http://www.auracms.org/
# Download : http://www.auracms.org/dl_jump.php?id=42
# Ditemukan oleh : k1tk4t - k1tk4t[4t]newhack.org
# Lokasi : Indonesia -- #newhack[dot]org @ irc.dal.net
########################################################################
Remote File Attachment Vulnerability
//berkas pada '/mod/contak.php'
---------------- Baris-41 --------------------
if ($_POST['submit']) {
$nama = text_filter($_POST['nama']);
$email = text_filter($_POST['email']);
$pesan = nl2br(text_filter($_POST['pesan'], 2));
$images = text_filter($_POST['image']);
checkemail($email);
Exploit-DB
LANDesk Management Suite 8.7 Alert Service - 'AOLSRVR.exe' Remote Buffer Overflow
exploitdb·2007-04-13
CVE-2007-1674 LANDesk Management Suite 8.7 Alert Service - 'AOLSRVR.exe' Remote Buffer Overflow
LANDesk Management Suite 8.7 Alert Service - 'AOLSRVR.exe' Remote Buffer Overflow
---
source: https://www.securityfocus.com/bid/23483/info
LANDesk Management Suite is prone to a remote stack-based buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue would result in the complete compromise of affected computers. Failed exploit attempts will result in a denial of service.
This issue affects LANDesk Management Suite 8.7; prior versions may also be affected.
##
# $Id: landesk_aolnsrvr.rb 4886 2007-05-07 04:48:45Z hdm $
##
##
# This file is part of the Metasploit Frame
No writeups or analysis indexed.
2007-09-14
Published