Vulnerabilities > CVE-2007-2182 - Unspecified vulnerability in Maran PHP Forum
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN maran
exploit available
Summary
Unrestricted file upload vulnerability in forum_write.php in Maran PHP Forum allows remote attackers to upload and execute arbitrary PHP files via a trailing %00 in a filename in the page parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Maran PHP Forum (forum_write.php) Remote Code Execution Vulnerability. CVE-2007-2182. Webapps exploit for php platform |
| file | exploits/php/webapps/3775.txt |
| id | EDB-ID:3775 |
| last seen | 2016-01-31 |
| modified | 2007-04-22 |
| platform | php |
| port | |
| published | 2007-04-22 |
| reporter | Dj7xpl |
| source | https://www.exploit-db.com/download/3775/ |
| title | Maran PHP Forum forum_write.php Remote Code Execution Vulnerability |
| type | webapps |
References
- http://secunia.com/advisories/24968
- http://secunia.com/advisories/24968
- http://www.securityfocus.com/bid/23614
- http://www.securityfocus.com/bid/23614
- http://www.vupen.com/english/advisories/2007/1493
- http://www.vupen.com/english/advisories/2007/1493
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33802
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33802
- https://www.exploit-db.com/exploits/3775
- https://www.exploit-db.com/exploits/3775