CVE-2007-0849

EPSS 0.12% · P30 Updated Feb 27, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-0849

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

scripts/cronscript.php in SysCP 1.2.15 and earlier does not properly quote pathnames in user home directories, which allows local users to gain privileges by placing shell metacharacters in a directory name, and then using the control panel to protect this directory, a different vulnerability than CVE-2005-2568.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

SysCP 'scripts/cronscript.php'用户目录路径引用漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

SysCP 1.2.15版本及其早期版本的scripts/cronscript.php没有适当地引用用户主目录的路径名，这会允许本地用户通过在一个目录名中放置外壳元字符以获得特权，并运行控制面板来保护该目录。该漏洞不同于CVE-2005-2568。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2007-0849

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2007-0849

请登录查看更多情报信息。

http://www.syscp.org/wiki/Security/SyscpOrgAbilityToInjectAndExecuteAnyCodeAsRootInSysCPx_refsource_CONFIRM
http://osvdb.org/33128vdb-entryx_refsource_OSVDB
http://secunia.com/advisories/24102third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/22453vdb-entryx_refsource_BID
http://www.securityfocus.com/archive/1/459397/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2007-0849

Same Patch Batch · n/a · 2007-02-08 · 34 CVEs total

CVE-2007-0844		pam_ssh空密码短语绕过认证限制漏洞
CVE-2007-0856		Trend Micro病毒扫描引擎TMComm本地权限提升漏洞
CVE-2007-0857		MoinMoin 多个跨站脚本攻击漏洞
CVE-2006-2219		phpBBSQL注入漏洞
CVE-2006-2220		phpBB完整路径泄露漏洞
CVE-2006-6975		CentiPaid 代码注入漏洞
CVE-2006-6976		CentiPaid 'centipaid_class.php'PHP远程文件包含漏洞
CVE-2006-6977		FreeTextBox 跨站脚本攻击漏洞
CVE-2006-6978		FCKEditor "Basic Toolbar Selection"跨站脚本攻击漏洞
CVE-2007-0855		RARLabs Unrar口令提示栈溢出漏洞
CVE-2007-0840		Hlstats 跨站脚本攻击漏洞
CVE-2007-0841		vbDrupal 多个未明漏洞
CVE-2007-0835		Coppermine Photo Gallery 'admin.php'任意命令执行漏洞
CVE-2007-0836		Coppermine Photo Galleryadmin.php 任意文件包含漏洞
CVE-2007-0837		AgerMenu 'examples/inc/top.inc.php'PHP远程文件包含漏洞
CVE-2007-0838		FreeProxy 拒绝服务漏洞
CVE-2007-0839		Valarsoft WebMatic 'index/index_album.php'多个PHP远程文件包含漏洞
CVE-2007-0446		HP Mercury产品magnetproc.exe栈缓冲区溢出漏洞
CVE-2007-0854		Cpanel Web Hosting Manager OBJCache.PHP 远程文件包含漏洞
CVE-2007-0853		DevTrack SQL注入漏洞

Showing top 20 of 34 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2007-0849

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2007-0849

I. Basic Information for CVE-2007-0849

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2007-0849

III. Intelligence Information for CVE-2007-0849

Same Patch Batch · n/a · 2007-02-08 · 34 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2007-0849

Leave a comment