Vulnerabilities > CVE-2007-1393 - Remote File Include vulnerability in GEO Soft Magic CMS 4.2.747

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
geo-soft
critical
exploit available

Summary

PHP remote file inclusion vulnerability in mysave.php in Magic CMS 4.2.747 allows remote attackers to execute arbitrary PHP code via a URL in the file parameter.

Vulnerable Configurations

Part Description Count
Application
Geo_Soft
1

Exploit-Db

descriptionMagic CMS 4.2.747 (mysave.php file) Remote File Include Vulnerability. CVE-2007-1393. Webapps exploit for php platform
fileexploits/php/webapps/3438.txt
idEDB-ID:3438
last seen2016-01-31
modified2007-03-08
platformphp
port
published2007-03-08
reporterDNX
sourcehttps://www.exploit-db.com/download/3438/
titleMagic CMS 4.2.747 mysave.php file Remote File Include Vulnerability
typewebapps