Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2007-0854

EPSS 6.71% · P91
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-0854

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Remote file inclusion vulnerability in scripts2/objcache in cPanel WebHost Manager (WHM) allows remote attackers to execute arbitrary code via a URL in the obj parameter. NOTE: a third party claims that this issue is not file inclusion because the contents are not parsed, but the attack can be used to overwrite files in /var/cpanel/objcache or provide unexpected web page contents.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cpanel Web Hosting Manager OBJCache.PHP 远程文件包含漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
cPanel WebHost Manager (WHM)的scripts2/objcache中存在远程文件包含漏洞。远程攻击者可以借助obj参数中的一个URL,执行任意代码。注意:有第三方指出该漏洞不是文件包含漏洞因为内容尚未分析过,但此攻击能够在/var/cpanel/objcache中重写文件或提供未意料到的web页内容。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2007-0854

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2007-0854

登录查看更多情报信息。

Same Patch Batch · n/a · 2007-02-08 · 34 CVEs total

CVE-2007-0844pam_ssh空密码短语绕过认证限制漏洞
CVE-2007-0856Trend Micro病毒扫描引擎TMComm本地权限提升漏洞
CVE-2007-0857MoinMoin 多个跨站脚本攻击漏洞
CVE-2006-2219phpBBSQL注入漏洞
CVE-2006-2220phpBB完整路径泄露漏洞
CVE-2006-6975CentiPaid 代码注入漏洞
CVE-2006-6976CentiPaid 'centipaid_class.php'PHP远程文件包含漏洞
CVE-2006-6977FreeTextBox 跨站脚本攻击漏洞
CVE-2006-6978FCKEditor "Basic Toolbar Selection"跨站脚本攻击漏洞
CVE-2007-0855RARLabs Unrar口令提示栈溢出漏洞
CVE-2007-0840Hlstats 跨站脚本攻击漏洞
CVE-2007-0841vbDrupal 多个未明漏洞
CVE-2007-0835Coppermine Photo Gallery 'admin.php'任意命令执行漏洞
CVE-2007-0836Coppermine Photo Galleryadmin.php 任意文件包含漏洞
CVE-2007-0837AgerMenu 'examples/inc/top.inc.php'PHP远程文件包含漏洞
CVE-2007-0838FreeProxy 拒绝服务漏洞
CVE-2007-0839Valarsoft WebMatic 'index/index_album.php'多个PHP远程文件包含漏洞
CVE-2007-0446HP Mercury产品magnetproc.exe栈缓冲区溢出漏洞
CVE-2007-0853DevTrack SQL注入漏洞
CVE-2007-0852DevTrack 跨站脚本攻击漏洞

Showing top 20 of 34 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2007-0854

No comments yet

Leave a comment