Published: 01/03/2006 Updated: 18/10/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Multiple direct static code injection vulnerabilities in savesettings.php in ShoutLIVE 1.1.0 allow remote malicious users to execute arbitrary PHP code via variables that are written to settings.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cynical games shoutlive 1.1.0

#!/usr/bin/perl ################################################## # ShoutLIVE <= 110 Remote Php Code Execution # Based on: wwwfrsirtcom/bulletins/4109 # Credits: Coded by DarkFig # Website: disarmfreefr/bo_hard/ # Greetz: All AcidRoot/Bod members =) ################################################## use IO::Socket; use LWP:: ...

ShoutLIVE v110 is vulnerable to PHP code execution ...

NVD-CWE-Other http://evuln.com/vulns/87/summary.html http://www.osvdb.org/23482 http://secunia.com/advisories/19047 http://www.securityfocus.com/bid/16857 http://securityreason.com/securityalert/557 http://www.vupen.com/english/advisories/2006/0755 https://exchange.xforce.ibmcloud.com/vulnerabilities/24897 http://www.securityfocus.com/archive/1/426985/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/1590/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-0940

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect