Vulnerabilities > CVE-2007-2003 - Unspecified vulnerability in Inoutmailinglistmanager
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN inoutmailinglistmanager
exploit available
Summary
InoutMailingListManager 3.1 and earlier sends a Location redirect header but does not exit after an authorization check fails, which allows remote attackers to access certain restricted functionality, and upload and execute arbitrary PHP code, by ignoring the redirect.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | InoutMailingListManager <= 3.1 Remote Command Execution Exploit. CVE-2005-0613,CVE-2006-0658,CVE-2007-2002,CVE-2007-2003,CVE-2007-2004. Webapps exploit fo... |
| file | exploits/php/webapps/3702.php |
| id | EDB-ID:3702 |
| last seen | 2016-01-31 |
| modified | 2007-04-10 |
| platform | php |
| port | |
| published | 2007-04-10 |
| reporter | BlackHawk |
| source | https://www.exploit-db.com/download/3702/ |
| title | InoutMailingListManager <= 3.1 - Remote Command Execution Exploit |
| type | webapps |