CVE-2007-5056 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-5056
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-5056

Description: Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made Simple, SAPID CMF, Journalness, PacerCMS, and Open-Realty, allows remote attackers to execute arbitrary code via PHP sequences in the last_module parameter.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/36733 http://xforce.iss.net/xforce/xfdb/40393 http://xforce.iss.net/xforce/xfdb/40395 http://xforce.iss.net/xforce/xfdb/40389 http://xforce.iss.net/xforce/xfdb/40396 VIM http://www.attrition.org/pipermail/vim/2007-September/001800.html SAID Secunia Advisory: SA26928 Secunia Advisory: SA28859 Secunia Advisory: SA28873 Secunia Advisory: SA28874 Secunia Advisory: SA28886 OSVDB 41428 40596 41422 41426 41427 MILW0RM http://www.milw0rm.com/exploits/5098 http://www.milw0rm.com/exploits/5097 http://www.milw0rm.com/exploits/5091 http://www.milw0rm.com/exploits/5090 http://www.milw0rm.com/exploits/4442 BID 25768

Return to the previous page.