

SpeedTech PHP Library stphplocale.php STPHPLIB_DIR Variable Remote File Inclusion

2007-09-03T00:00:00
ID OSVDB:39088
Type osvdb
Reporter OSVDB
Modified 2007-09-03T00:00:00

Description

Technical Description

This vulnerability is only present when the register_globals PHP option is set to 'on'. This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).

References:

Vendor URL: http://stphplib.sourceforge.net/
Secunia Advisory ID: 26658
Related OSVDB IDs: 39077, 39084, 39086, 39087, 39090, 39091, 39093, 39098, 39099, 39103, 39073, 39074, 39078, 39094, 39096, 39076, 39080, 39083, 39085, 39092, 39097, 39100, 39102, 39075, 39079, 39081, 39082, 39089, 39095, 39101, 39104, 39105
ISS X-Force ID: 36417
CVE-2007-4738

This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nSpeedTech STPHPLib version 0.8.0 stphpxmlelement.php STPHPLIB_DIR variable remote file inclusion.\n\n## Manual Testing Notes\nhttp://[victim]/[stphplib_path]/stphpxmlelement.php?STPHPLIB_DIR=[CODE]\n## References:\nVendor URL: http://stphplib.sourceforge.net/\n[Secunia Advisory ID:26658](https://secuniaresearch.flexerasoftware.com/advisories/26658/)\n[Related OSVDB ID: 1016004](https://vulners.com/osvdb/OSVDB:1016004)\n[Related OSVDB ID: 39077](https://vulners.com/osvdb/OSVDB:39077)\n[Related OSVDB ID: 39084](https://vulners.com/osvdb/OSVDB:39084)\n[Related OSVDB ID: 39086](https://vulners.com/osvdb/OSVDB:39086)\n[Related OSVDB ID: 39087](https://vulners.com/osvdb/OSVDB:39087)\n[Related OSVDB ID: 39090](https://vulners.com/osvdb/OSVDB:39090)\n[Related OSVDB ID: 39091](https://vulners.com/osvdb/OSVDB:39091)\n[Related OSVDB ID: 39093](https://vulners.com/osvdb/OSVDB:39093)\n[Related OSVDB ID: 39098](https://vulners.com/osvdb/OSVDB:39098)\n[Related OSVDB ID: 39099](https://vulners.com/osvdb/OSVDB:39099)\n[Related OSVDB ID: 39103](https://vulners.com/osvdb/OSVDB:39103)\n[Related OSVDB ID: 39078](https://vulners.com/osvdb/OSVDB:39078)\n[Related OSVDB ID: 39088](https://vulners.com/osvdb/OSVDB:39088)\n[Related OSVDB ID: 39094](https://vulners.com/osvdb/OSVDB:39094)\n[Related OSVDB ID: 39096](https://vulners.com/osvdb/OSVDB:39096)\n[Related OSVDB ID: 39076](https://vulners.com/osvdb/OSVDB:39076)\n[Related OSVDB ID: 39080](https://vulners.com/osvdb/OSVDB:39080)\n[Related OSVDB ID: 39083](https://vulners.com/osvdb/OSVDB:39083)\n[Related OSVDB ID: 39085](https://vulners.com/osvdb/OSVDB:39085)\n[Related OSVDB ID: 39092](https://vulners.com/osvdb/OSVDB:39092)\n[Related OSVDB ID: 39097](https://vulners.com/osvdb/OSVDB:39097)\n[Related OSVDB ID: 
39100](https://vulners.com/osvdb/OSVDB:39100)\n[Related OSVDB ID: 39102](https://vulners.com/osvdb/OSVDB:39102)\n[Related OSVDB ID: 39075](https://vulners.com/osvdb/OSVDB:39075)\n[Related OSVDB ID: 39079](https://vulners.com/osvdb/OSVDB:39079)\n[Related OSVDB ID: 39081](https://vulners.com/osvdb/OSVDB:39081)\n[Related OSVDB ID: 39082](https://vulners.com/osvdb/OSVDB:39082)\n[Related OSVDB ID: 39089](https://vulners.com/osvdb/OSVDB:39089)\n[Related OSVDB ID: 39095](https://vulners.com/osvdb/OSVDB:39095)\n[Related OSVDB ID: 39101](https://vulners.com/osvdb/OSVDB:39101)\n[Related OSVDB ID: 39104](https://vulners.com/osvdb/OSVDB:39104)\nISS X-Force ID: 36417\nGeneric Exploit URL: http://milw0rm.com/exploits/4358\n[CVE-2007-4738](https://vulners.com/cve/CVE-2007-4738)\nBugtraq ID: 25525\n", "edition": 1, "modified": "2007-09-03T00:00:00", "published": "2007-09-03T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:39105", "id": "OSVDB:39105", "title": "SpeedTech PHP Library stphpxmlelement.php STPHPLIB_DIR Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:34", "bulletinFamily": "software", "cvelist": ["CVE-2007-4738"], "description": "## Vulnerability Description\nSpeedtech STPHPLib contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to 'stphpbutton.php' not properly sanitizing user input supplied to the 'STPHPLIB_DIR' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n\n## Technical Description\nThis vulnerability is only present when the register_globals PHP option is set to 'on'. 
This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nSpeedTech STPHPLib version 0.8.0 stphpbutton.php STPHPLIB_DIR variable remote file inclusion.\n## Manual Testing Notes\nhttp://[victim]/[stphplib_path]/stphpbutton.php?STPHPLIB_DIR=[CODE]\n## References:\nVendor URL: http://stphplib.sourceforge.net/\n[Secunia Advisory ID:26658](https://secuniaresearch.flexerasoftware.com/advisories/26658/)\n[Related OSVDB ID: 39077](https://vulners.com/osvdb/OSVDB:39077)\n[Related OSVDB ID: 39084](https://vulners.com/osvdb/OSVDB:39084)\n[Related OSVDB ID: 39086](https://vulners.com/osvdb/OSVDB:39086)\n[Related OSVDB ID: 39087](https://vulners.com/osvdb/OSVDB:39087)\n[Related OSVDB ID: 39090](https://vulners.com/osvdb/OSVDB:39090)\n[Related OSVDB ID: 39091](https://vulners.com/osvdb/OSVDB:39091)\n[Related OSVDB ID: 39093](https://vulners.com/osvdb/OSVDB:39093)\n[Related OSVDB ID: 39098](https://vulners.com/osvdb/OSVDB:39098)\n[Related OSVDB ID: 39099](https://vulners.com/osvdb/OSVDB:39099)\n[Related OSVDB ID: 39103](https://vulners.com/osvdb/OSVDB:39103)\n[Related OSVDB ID: 39073](https://vulners.com/osvdb/OSVDB:39073)\n[Related OSVDB ID: 39078](https://vulners.com/osvdb/OSVDB:39078)\n[Related OSVDB ID: 39088](https://vulners.com/osvdb/OSVDB:39088)\n[Related OSVDB ID: 39094](https://vulners.com/osvdb/OSVDB:39094)\n[Related OSVDB ID: 39096](https://vulners.com/osvdb/OSVDB:39096)\n[Related OSVDB ID: 39076](https://vulners.com/osvdb/OSVDB:39076)\n[Related OSVDB ID: 39080](https://vulners.com/osvdb/OSVDB:39080)\n[Related OSVDB ID: 39083](https://vulners.com/osvdb/OSVDB:39083)\n[Related OSVDB ID: 39085](https://vulners.com/osvdb/OSVDB:39085)\n[Related OSVDB ID: 39092](https://vulners.com/osvdb/OSVDB:39092)\n[Related OSVDB ID: 39097](https://vulners.com/osvdb/OSVDB:39097)\n[Related OSVDB ID: 
39100](https://vulners.com/osvdb/OSVDB:39100)\n[Related OSVDB ID: 39102](https://vulners.com/osvdb/OSVDB:39102)\n[Related OSVDB ID: 39075](https://vulners.com/osvdb/OSVDB:39075)\n[Related OSVDB ID: 39079](https://vulners.com/osvdb/OSVDB:39079)\n[Related OSVDB ID: 39081](https://vulners.com/osvdb/OSVDB:39081)\n[Related OSVDB ID: 39082](https://vulners.com/osvdb/OSVDB:39082)\n[Related OSVDB ID: 39089](https://vulners.com/osvdb/OSVDB:39089)\n[Related OSVDB ID: 39095](https://vulners.com/osvdb/OSVDB:39095)\n[Related OSVDB ID: 39101](https://vulners.com/osvdb/OSVDB:39101)\n[Related OSVDB ID: 39104](https://vulners.com/osvdb/OSVDB:39104)\n[Related OSVDB ID: 39105](https://vulners.com/osvdb/OSVDB:39105)\nISS X-Force ID: 36417\nGeneric Exploit URL: http://milw0rm.com/exploits/4358 \n[CVE-2007-4738](https://vulners.com/cve/CVE-2007-4738)\nBugtraq ID: 25525\n", "edition": 1, "modified": "2007-09-03T00:00:00", "published": "2007-09-03T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:39074", "id": "OSVDB:39074", "title": "SpeedTech PHP Library stphpbutton.php STPHPLIB_DIR Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "exploitdb": [{"lastseen": "2016-01-31T20:44:33", "description": "STPHPLibrary (STPHPLIB_DIR) Remote File Inclusion Vulnerability. CVE-2007-4737,CVE-2007-4738. 
Webapps exploit for php platform", "published": "2007-09-03T00:00:00", "type": "exploitdb", "title": "STPHPLibrary STPHPLIB_DIR Remote File Inclusion Vulnerability", "bulletinFamily": "exploit", "cvelist": ["CVE-2007-4737", "CVE-2007-4738"], "modified": "2007-09-03T00:00:00", "id": "EDB-ID:4358", "href": "https://www.exploit-db.com/exploits/4358/", "sourceData": "# SpeedTech PHP Library <= Remote File Inclusion Vulnerability\n#\n#Dork::(\n#\n#Vuln Code\n##############################################################################################\n#ERROR1:stphpapplication.php\n#require_once(\"$STPHPLIB_DIR/stphpobject.php\");<<< rfi coded.\n#\n#Other Files:\n# stphpapplication.php?STPHPLIB_DIR=[[Sh3LLScript]]\n# stphpbtnimage.php?STPHPLIB_DIR=[[Sh3LLScript]]\n# stphpform.php?STPHPLIB_DIR=[[Sh3LLScript]]\n# ........................................\n# ........................................\n# ........................................\n##############################################################################################\n#\n#http://php.html.it/script/vedi/1872/stphplibrary/\n#\n##############################################################################################\n#\n#LEETSECURITY.ORG <<<< sanal alemde bizde var\u00c3\u00bdz...\n############################################################################################\n#coded by ..Wocker..\n#\n#####special thanx:###..Str0ke..####..KEZZAP66345..####..Wocker..#############################\n##############################################################################################\n##############################################################################################\n\n# milw0rm.com [2007-09-03]\n", "cvss": {"score": 7.5, 
"vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/4358/"}]}