CVE-2007-3018
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2007-3018
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
activeWeb contentserver CMS before 5.6.2964 does not limit the file-creation ability of editors who have restricted accounts, which allows these editors to create files in arbitrary directories.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
activeWeb contentserver 许可绕过错误
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
activeWeb contentserver CMS 5.6.2964版本之前的版本没有限制具有限制帐户的编辑者的文件创建的能力,这会允许这些编辑者在任意目录中创建文件。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2007-3018
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2007-3018
请登录查看更多情报信息。
- http://www.redteam-pentesting.de/advisories/rt-sa-2007-007.phpx_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2007-3018
Same Patch Batch · n/a · 2007-07-17 · 39 CVEs total
| CVE-2007-3808 | paFileDB Search.PHP SQL注入漏洞 | |
| CVE-2007-3819 | Opera Web Browser Address Bar URI欺骗漏洞 | |
| CVE-2007-3820 | Opera及Konqueror浏览器data: URI主题地址栏欺骗漏洞 | |
| CVE-2007-3821 | Citadel WebCit 多个输入验证漏洞 | |
| CVE-2007-3822 | Citadel WebCit 多个输入验证漏洞 | |
| CVE-2007-3823 | IPSwitch WS_FT PLogsrv.exe拒绝服务漏洞 | |
| CVE-2007-3824 | MzK Blog katgoster.asp SQL注入漏洞 | |
| CVE-2007-3017 | ActiveWeb Contentserver CMS Client Side 过滤绕过漏洞 | |
| CVE-2007-3806 | PHP Glob()函数远程拒绝服务漏洞 | |
| CVE-2007-3807 | SiteScape Forum 多个未明跨站脚本攻击漏洞 | |
| CVE-2007-3818 | Drupal LoginToboggan 跨站脚本漏洞 | |
| CVE-2007-3809 | Prozilla Directory Script cat_id参数 SQL注入漏洞 | |
| CVE-2007-3810 | Realtor index.php SQL注入漏洞 | |
| CVE-2007-3811 | eSyndiCat Link Directory 多个SQL注入漏洞 | |
| CVE-2007-3812 | CMScout Forums.PHP SQL注入漏洞 | |
| CVE-2007-3813 | MKPortal NoBoard BETA 文件漏洞 | |
| CVE-2007-3814 | MKPortal 多个SQL注入漏洞 | |
| CVE-2007-3815 | Poslovni informator Republike Slovenije (PIRS) pirs32.exe 缓冲区溢出 | |
| CVE-2007-3816 | RETIRED: Anders Mller JWIG Template 远程拒绝服务漏洞 | |
| CVE-2007-3841 | Pidgin 未明远程指令执行漏洞 |
Showing top 20 of 39 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2007-3018
No comments yet