PT-2007-2018 · Inter7 · Inter7 Vhostadmin

3L3Ctric-Cracker

Published

2007-01-30

Updated

2017-10-19

CVE-2007-0558

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Inter7 vHostAdmin version 1.0

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the MODULES DIR parameter in the modules/mail/main.php file.

Recommendations For Inter7 vHostAdmin version 1.0, restrict access to the MODULES DIR parameter to minimize the risk of exploitation. Avoid using the MODULES DIR parameter in the affected module until the issue is resolved.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-0558

Affected Products

Inter7 Vhostadmin

PT-2007-2018 · Inter7 · Inter7 Vhostadmin

CVE-2007-0558

Related Identifiers

Affected Products

References · 4