PT-2007-5424 · Idevspot · Phphostbot

K-159

Published

2007-08-08

Updated

2017-09-29

CVE-2007-4231

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

PHP remote file inclusion vulnerability in order/login.php in IDevSpot PhpHostBot 1.06 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the svr rootscript parameter, a different vector than CVE-2007-4094 and CVE-2006-3776.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-4231

Affected Products

Phphostbot

PT-2007-5424 · Idevspot · Phphostbot

CVE-2007-4231

Related Identifiers

Affected Products

References · 8