Lucene search
MitreCVE-2007-3587HistoryJul 05, 2007 - 8:30 p.m.
CVE-2007-3587
2007-07-0520:30:00
mitre
web.nvd.nist.gov
27
mycms
0.9.8
remote attackers
gain privileges
admin cookie
php code injection
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
High
EPSS
0.123
Percentile
95.4%
MyCMS 0.9.8 and earlier allows remote attackers to gain privileges via the admin cookie parameter, as demonstrated by a post to admin/settings.php that injects PHP code into settings.inc, which can then be executed via a direct request to index.php.
Affected configurations
Node
mycmsmycmsRange≤0.9.8
Related
nvd
nvd
CVE-2007-3587
2007-07-05 20:30:00
prion
prion
Design/Logic Flaw
2007-07-05 20:30:00
exploitdb
exploitdb
MyCMS 0.9.8 - Remote Command Execution (1)
2007-07-03 00:00:00
cvelist
cvelist
CVE-2007-3587
2007-07-05 20:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
High
EPSS
0.123
Percentile
95.4%
Related for CVE-2007-3587