PT-2007-2560 · Fcring · Fcring

Kezzap66345

Published

2007-02-27

Updated

2017-10-11

CVE-2007-1133

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions FCRing version 1.3

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the s fuss parameter in the fcring.php file.

Recommendations For FCRing version 1.3, avoid using the s fuss parameter in the fcring.php file until a patch is available. Restrict access to the fcring.php file to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-1133

Affected Products

Fcring

PT-2007-2560 · Fcring · Fcring

CVE-2007-1133

Related Identifiers

Affected Products

References · 7