Vulnerabilities > CVE-2007-2775 - Unspecified vulnerability in Alstrasoft Live Support 1.21
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN alstrasoft
exploit available
Summary
AlstraSoft Live Support 1.21 sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to obtain administrative access via a direct request to admin/managesettings.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | AlstraSoft Live Support v1.21 Admin Credential Retrieve Exploit. CVE-2007-2775. Webapps exploit for php platform |
| file | exploits/php/webapps/3957.php |
| id | EDB-ID:3957 |
| last seen | 2016-01-31 |
| modified | 2007-05-20 |
| platform | php |
| port | |
| published | 2007-05-20 |
| reporter | BlackHawk |
| source | https://www.exploit-db.com/download/3957/ |
| title | AlstraSoft Live Support 1.21 - Admin Credential Retrieve Exploit |
| type | webapps |
References
- http://itablackhawk.altervista.org/exploit/alsoft_exploit_pack
- http://itablackhawk.altervista.org/exploit/alsoft_exploit_pack
- http://osvdb.org/36638
- http://osvdb.org/36638
- http://secunia.com/advisories/25337
- http://secunia.com/advisories/25337
- http://www.securityfocus.com/bid/24073
- http://www.securityfocus.com/bid/24073
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34395
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34395
- https://www.exploit-db.com/exploits/3957
- https://www.exploit-db.com/exploits/3957