CVE-2007-5913
Public Exploits 1
ExploitDB · 1 EDB-4608#CVE-2007-5913 [webapps]
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2007-5913
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
dirsys/modules/auth.php in JBC Explorer 7.20 RC1 and earlier does not require authentication, which allows remote attackers to (1) delete auth.inc.php via the suppr parameter, and (2) re-create the auth.inc.php file with contents that specify a new account name and password for JBC Explorer via the login and password parameters.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
JBC Explorer auth.php 权限绕过漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
JBC Explorer 7.20 RC1版本及其早期版本的dirsys/modules/auth.php没有要求认证,这会允许远程攻击者(1) 借助super参数删除auth.inc.php,和(2)借助login和密码参数,重新创建auth.inc.php文件内容指定一个JBC Explorer的新的账号名称和密码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2007-5913
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2007-5913
请登录查看更多情报信息。
Vendor Advisories for CVE-2007-5913 (5)
Exploits & Public PoCs for CVE-2007-5913 (1)
Other References for CVE-2007-5913 (1)
Same Patch Batch · n/a · 2007-11-10 · 26 CVEs total
| CVE-2007-5919 | MyWebFTP Pass.txt Hashed 密码 信息泄露漏洞 | |
| CVE-2007-5396 | Miranda IM EXT_YAHOO_CONTACT_ADDED函数远程格式串处理漏洞 | |
| CVE-2007-4570 | Mcstrans MCS translation daemon 算法复杂性漏洞 | |
| CVE-2007-5929 | OpenBase命令注入及缓冲区溢出漏洞 | |
| CVE-2007-5928 | OpenBase缓冲区溢出漏洞 | |
| CVE-2007-5927 | OpenBase目录遍历漏洞 | |
| CVE-2007-5926 | OpenBase命令注入漏洞 | |
| CVE-2007-5925 | MySQL InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE函数拒绝服务漏洞 | |
| CVE-2007-5924 | IBM Lotus Domino Web Server task 未明跨站脚本漏洞 | |
| CVE-2007-5923 | Computer Associates SiteMinder Web Agent Smpwservices.FCC 跨站脚本攻击漏洞 | |
| CVE-2007-5922 | BitchX Cypress 1.0k script "BitchX Cypress 1.0k script" 信息泄露漏洞 | |
| CVE-2007-5921 | Sun Solaris Volume Manager ioctl界面 未明漏洞 | |
| CVE-2007-5920 | PicoFlat CMS index.php 目录遍历漏洞 | |
| CVE-2007-5930 | Cerberus FTP Server Web 跨站脚本攻击漏洞 | |
| CVE-2007-5918 | Weblord.it MS-TopSites add-on edit.php 跨站请求伪造漏洞 | |
| CVE-2007-5917 | Skalinks admin_account.php 跨站请求伪造漏洞 | |
| CVE-2007-5916 | PHP Helpdesk 登录页 SQL注入漏洞 | |
| CVE-2007-5915 | PHP Helpdesk Index.PHP 目录遍历漏洞 | |
| CVE-2007-5914 | Jean Jean Charles JBC Explorer post.php 直接静态代码注入漏洞 | |
| CVE-2007-5912 | JPortal Mailer.PHP SQL注入漏洞 |
Showing top 20 of 26 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2007-5913
No comments yet