CVE-2007-5056

Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made Simple, SAPID CMF, Journalness, PacerCMS, and Open-Realty, allows remote attackers to execute arbitrary code via PHP sequences in the last_module parameter.

Link	Resource
http://www.attrition.org/pipermail/vim/2007-September/001800.html	Exploit
http://www.securityfocus.com/bid/25768
http://secunia.com/advisories/26928	Vendor Advisory
http://secunia.com/advisories/28859	Vendor Advisory
http://secunia.com/advisories/28873	Vendor Advisory
http://secunia.com/advisories/28874	Vendor Advisory
http://secunia.com/advisories/28886	Vendor Advisory
http://osvdb.org/40596
http://osvdb.org/41428
http://osvdb.org/41426
http://osvdb.org/41422
http://osvdb.org/41427
http://www.vupen.com/english/advisories/2007/3261
https://exchange.xforce.ibmcloud.com/vulnerabilities/40396
https://exchange.xforce.ibmcloud.com/vulnerabilities/40395
https://exchange.xforce.ibmcloud.com/vulnerabilities/40393
https://exchange.xforce.ibmcloud.com/vulnerabilities/40389
https://exchange.xforce.ibmcloud.com/vulnerabilities/36733
https://www.exploit-db.com/exploits/5098
https://www.exploit-db.com/exploits/5097
https://www.exploit-db.com/exploits/5091
https://www.exploit-db.com/exploits/5090
https://www.exploit-db.com/exploits/4442

Configuration 1

cpe:2.3:a:adodb_lite:adodb_lite:*:*:*:*:*:*:*:* cpe:2.3:a:sapid:sapid_cmf:*:*:*:*:*:*:*:* cpe:2.3:a:pacercms:pacercms:*:*:*:*:*:*:*:* cpe:2.3:a:open-realty:open-realty:*:*:*:*:*:*:*:* cpe:2.3:a:cmsmadesimple:cms_made_simple:*:*:*:*:*:*:*:* cpe:2.3:a:journalness:journalness:*:*:*:*:*:*:*:*

---

Published : 2007-09-24 10:17

Updated : 2017-09-29 01:29

---

NVD link : CVE-2007-5056

Mitre link : CVE-2007-5056

No products.

CWE-94