CVE-2007-5926
published 2007-11-10CVE-2007-5926: OpenBase 10.0.5 and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in arguments to the (1) AsciiBackup, (2)…
PriorityP347critical9CVSS 2.0
AVNACLAuSCCICAC
EXPLOIT
EPSS
3.44%
87.5th percentile
OpenBase 10.0.5 and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in arguments to the (1) AsciiBackup, (2) OEMLicenseInstall, and possibly other stored procedures.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| openbase_international_ltd | openbase | <= 10.0.5 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-6882-w5r7-3gf2: Directory traversal vulnerability in OpenBase 10
ghsa_unreviewed·2022-05-01·CVSS 9.0
CVE-2007-5927 [CRITICAL] CWE-22 GHSA-6882-w5r7-3gf2: Directory traversal vulnerability in OpenBase 10
Directory traversal vulnerability in OpenBase 10.0.5 and earlier allows remote authenticated users to create files with arbitrary contents via a .. (dot dot) in the first argument to the GlobalLog stored procedure. NOTE: this can be leveraged to execute arbitrary code using CVE-2007-5926.
GHSA
GHSA-qv7p-rw6j-rmc4: OpenBase 10
ghsa_unreviewed·2022-05-01
CVE-2007-5926 [HIGH] CWE-20 GHSA-qv7p-rw6j-rmc4: OpenBase 10
OpenBase 10.0.5 and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in arguments to the (1) AsciiBackup, (2) OEMLicenseInstall, and possibly other stored procedures.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/27525http://www.netragard.com/pdfs/research/NETRAGARD-20070313-OPENBASE.txthttp://www.securityfocus.com/bid/26347https://exchange.xforce.ibmcloud.com/vulnerabilities/38291http://secunia.com/advisories/27525http://www.netragard.com/pdfs/research/NETRAGARD-20070313-OPENBASE.txthttp://www.securityfocus.com/bid/26347https://exchange.xforce.ibmcloud.com/vulnerabilities/38291
2007-11-10
Published