CVE-2007-2185

Published: 24/04/2007 Updated: 11/10/2017

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 685

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Multiple PHP remote file inclusion vulnerabilities in Supasite 1.23b allow remote malicious users to execute arbitrary PHP code via a URL in the supa[db_path] parameter to (1) common_functions.php, (2) admin_auth_cookies.php, (3) admin_mods.php, (4) admin_news.php, (5) admin_topics.php, (6) admin_users.php, (7) admin_utilities.php, (8) site_comment.php, or (9) site_news.php; or the supa[include_path] parameter to (10) admin_settings.php or (11) backend_site.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
supasite supasite 1.23b

# Supasite v123b <= Multiple Remote File Include Vulnerablitiy # DScript: belnetdlsourceforgenet/sourceforge/supasite/supasite123btargz # Discovered by: GolD_M = [Mahmood_ali] # Homepage: wwwTryagcc # Exploit:[Path]/supasite/common_functionsphp?supa[db_path]=Shell # Exploit:[Path]/supasite/admin_auth_cookiesphp?supa[db_ ...

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-2185

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect