Vulnerabilities > CVE-2007-0599 - Unspecified vulnerability in Aztek Forum Aztek Forum 4.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Variable overwrite vulnerability in common/config.php in Aztek Forum 4.00 allows remote attackers to overwrite arbitrary program variables and conduct other unauthorized activities, such as copying arbitrary files using index/common_actions.php, via vectors associated with extract operations on the (1) POST, (2) GET, (3) COOKIE, and (4) SERVER superglobal arrays.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://acid-root.new.fr/poc/21070125.txt
- http://acid-root.new.fr/poc/21070125.txt
- http://osvdb.org/33596
- http://osvdb.org/33596
- http://www.securityfocus.com/archive/1/458076/100/0/threaded
- http://www.securityfocus.com/archive/1/458076/100/0/threaded
- http://www.securityfocus.com/archive/1/458123/100/0/threaded
- http://www.securityfocus.com/archive/1/458123/100/0/threaded