Vulnerabilities > CVE-2007-3587 - Unspecified vulnerability in Mycms

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

mycms

exploit available

NVD

Published: 2007-07-05

Updated: 2024-11-21

Summary

MyCMS 0.9.8 and earlier allows remote attackers to gain privileges via the admin cookie parameter, as demonstrated by a post to admin/settings.php that injects PHP code into settings.inc, which can then be executed via a direct request to index.php.

Vulnerable Configurations

Part	Description	Count
Application	Mycms Mycms Mycms *	1

Exploit-Db

description	MyCMS <= 0.9.8 Remote Command Execution Exploit. CVE-2007-3587. Webapps exploit for php platform
file	exploits/php/webapps/4145.php
id	EDB-ID:4145
last seen	2016-01-31
modified	2007-07-03
platform	php
port
published	2007-07-03
reporter	BlackHawk
source	https://www.exploit-db.com/download/4145/
title	MyCMS <= 0.9.8 - Remote Command Execution Exploit
type	webapps

Summary

Vulnerable Configurations

Exploit-Db

References