Vulnerabilities > CVE-2007-2003 - Remote Security vulnerability in Inoutmailinglistmanager
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
InoutMailingListManager 3.1 and earlier sends a Location redirect header but does not exit after an authorization check fails, which allows remote attackers to access certain restricted functionality, and upload and execute arbitrary PHP code, by ignoring the redirect.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | InoutMailingListManager <= 3.1 Remote Command Execution Exploit. CVE-2005-0613,CVE-2006-0658,CVE-2007-2002,CVE-2007-2003,CVE-2007-2004. Webapps exploit fo... |
file | exploits/php/webapps/3702.php |
id | EDB-ID:3702 |
last seen | 2016-01-31 |
modified | 2007-04-10 |
platform | php |
port | |
published | 2007-04-10 |
reporter | BlackHawk |
source | https://www.exploit-db.com/download/3702/ |
title | InoutMailingListManager <= 3.1 - Remote Command Execution Exploit |
type | webapps |