NVD

Id
53067  
Name
CVE-2007-0850  
Description
scripts/cronscript.php in SysCP 1.2.15 and earlier includes and executes arbitrary PHP scripts that are referenced by the panel_cronscript table in the SysCP database, which allows attackers with database write privileges to execute arbitrary code by constructing a PHP file and adding its filename to this table.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-07  
Published
2007-02-08  
Modified Date
2008-11-15  
Seq
2007-0850  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
268353 53067 CVE-2007-0850 20070207 Ability to inject and execute any code as root in SysCP  View
268354 53067 CVE-2007-0850 22454  View
268355 53067 CVE-2007-0850 http://www.syscp.org/wiki/Security/SyscpOrgAbilityToInjectAndExecuteAnyCodeAsRootInSysCP  View
268356 53067 CVE-2007-0850 syscp-cronscript-code-execution(32330)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
56389 JVNDB-2007-005081 SysCP の scripts/cronscript.php における任意のコードを実行される脆弱性 SysCP の scripts/cronscript.php は、SysCP データベースの panel_cronscript テーブルが参照する任意の PHP スクリプトをインクルードするおよび実行するため、任意のコードを実行される脆弱性が存在します。 CVE-2007-0850 24205 CVE-2007-0850 53067 7.5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-005081.html 2007-02-08 2012-12-20 View