CVE

Id
29179  
CVE No.
CVE-2007-5822  
Status
Candidate  
Description
Direct static code injection vulnerability in forum.php in Ben Ng Scribe 0.2 and earlier allows remote attackers to inject arbitrary PHP code into a certain file in regged/ via the username parameter in a Register action, possibly related to the register function in forumfunctions.php.  
Phase
Assigned (20071105)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
306091 29179 CVE-2007-5822 BUGTRAQ:20071101 Scribe <= 2.0 Remote PHP Code Execution  View
306092 29179 CVE-2007-5822 URL:http://www.securityfocus.com/archive/1/archive/1/483183/100/0/threaded  View
306093 29179 CVE-2007-5822 MILW0RM:4596  View
306094 29179 CVE-2007-5822 URL:http://www.milw0rm.com/exploits/4596  View
306095 29179 CVE-2007-5822 MISC:http://www.inj3ct-it.org/exploit/scribe.txt  View
306096 29179 CVE-2007-5822 BID:26302  View
306097 29179 CVE-2007-5822 URL:http://www.securityfocus.com/bid/26302  View
306098 29179 CVE-2007-5822 VUPEN:ADV-2007-3746  View
306099 29179 CVE-2007-5822 URL:http://www.vupen.com/english/advisories/2007/3746  View
306100 29179 CVE-2007-5822 OSVDB:45287  View
306101 29179 CVE-2007-5822 URL:http://osvdb.org/45287  View
306102 29179 CVE-2007-5822 SREASON:3339  View
306103 29179 CVE-2007-5822 URL:http://securityreason.com/securityalert/3339  View
306104 29179 CVE-2007-5822 XF:scribe-username-code-execution(38227)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
54178 JVNDB-2007-002870 Firefly Media Server の mt-dappd の webserver.c におけるサービス運用妨害 (DoS) の脆弱性 Firefly Media Server の mt-dappd の webserver.c には、サービス運用妨害 (NULL デリファレンスおよびデーモンクラッシュ) 状態となる脆弱性が存在します。 CVE-2007-5824 29179 7.1 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-002870.html  View