Vulnerabilities > CVE-2007-2169 - Remote Code Execution vulnerability in Mozzers SubSystem Add.PHP
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Static code injection vulnerability in add.php in Mozzers SubSystem 1.0 allows remote attackers to inject PHP code into subs.php via the (1) Sub-name or (2) Sub-url field. NOTE: an earlier report indicated that the add action can be reached through a request to index.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Mozzers SubSystem final (subs.php) Remote Code Execution Vulnerability. CVE-2007-2169. Webapps exploit for php platform |
file | exploits/php/webapps/3761.txt |
id | EDB-ID:3761 |
last seen | 2016-01-31 |
modified | 2007-04-18 |
platform | php |
port | |
published | 2007-04-18 |
reporter | Dj7xpl |
source | https://www.exploit-db.com/download/3761/ |
title | Mozzers SubSystem final subs.php Remote Code Execution Vulnerability |
type | webapps |