CVE

Id
23956  
CVE No.
CVE-2007-0599  
Status
Candidate  
Description
Variable overwrite vulnerability in common/config.php in Aztek Forum 4.00 allows remote attackers to overwrite arbitrary program variables and conduct other unauthorized activities, such as copying arbitrary files using index/common_actions.php, via vectors associated with extract operations on the (1) POST, (2) GET, (3) COOKIE, and (4) SERVER superglobal arrays.  
Phase
Assigned (20070130)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
233442 23956 CVE-2007-0599 BUGTRAQ:20070125 Aztek Forum 4.1 Multiple Vulnerabilities Exploit  View
233443 23956 CVE-2007-0599 URL:http://www.securityfocus.com/archive/1/archive/1/458076/100/0/threaded  View
233444 23956 CVE-2007-0599 BUGTRAQ:20070125 Re: Aztek Forum 4.1 Multiple Vulnerabilities Exploit  View
233445 23956 CVE-2007-0599 URL:http://www.securityfocus.com/archive/1/archive/1/458123/100/0/threaded  View
233446 23956 CVE-2007-0599 MISC:http://acid-root.new.fr/poc/21070125.txt  View
233447 23956 CVE-2007-0599 OSVDB:33596  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
52784 JVNDB-2007-001476 Aztek Forum の common/safety.php における危険な操作を入力される脆弱性 Aztek Forum の common/safety.php には、%22 シーケンス (URL エンコードされた二重引用符) を含む特定のデータ、および他の危険な操作を入力される脆弱性が存在します。 CVE-2007-0601 23956 7.5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-001476.html  View