Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score 7.5
CVE Id CVE-2007-6548
Last Modified 15 Nov 2008 12:00:00
Published 27 Dec 2007 07:46:00
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6548

Summary

Multiple direct static code injection vulnerabilities in RunCMS before 1.6.1 allow remote authenticated administrators to inject arbitrary PHP code via the (1) header and (2) footer parameters to modules/system/admin.php in a meta-generator action, (3) the disclaimer parameter to modules/system/admin.php in a disclaimer action, (4) the disclaimer parameter to modules/mydownloads/admin/index.php in a mydownloadsConfigAdmin action, (5) the disclaimer parameter to modules/newbb_plus/admin/forum_config.php, (6) the disclaimer parameter to modules/mylinks/admin/index.php in a myLinksConfigAdmin action, or (7) the intro parameter to modules/sections/admin/index.php in a secconfig action, which inject PHP sequences into (a) sections/cache/intro.php, (b) mylinks/cache/disclaimer.php, (c) mydownloads/cache/disclaimer.php, (d) newbb_plus/cache/disclaimer.php, (e) system/cache/disclaimer.php, (f) system/cache/footer.php, (g) system/cache/header.php, or (h) system/cache/maintenance.php in modules/.

Vulnerable Systems

Application

  • Runcms 1.6


References

BID - 27019

BUGTRAQ - 20071225 Multiple vulnerabilities in RUNCMS 1.6 by DSecRG

CONFIRM - http://www.runcms.org/modules/mydownloads/singlefile.php?lid=131

MILW0RM - 4790

SREASON - 3493

OSVDB - 41251

OSVDB - 41250

OSVDB - 41249

OSVDB - 41248

OSVDB - 41247


Last Updated: 27 May 2016 10:46:32