EDB-4789
webappsphpVERIFIED
PMOS Help Desk 2.4 - Remote Command Execution
CVE-2007-6550
EgiX12/25/2007
CVE-2007-6550
NONEform.php in PMOS Help Desk 2.4 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct eval injection attacks and execute arbitrary PHP code via the
Опубликовано: 12/28/2007Обновлено: 4/9/2025
Описание
form.php in PMOS Help Desk 2.4 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct eval injection attacks and execute arbitrary PHP code via the options array parameter.
ИИ-АнализНа базе ИИ
Затронутые продукты
pmos_helpdeskpmos_helpdesk
Доступные эксплойты (1)
Ссылки
- http://osvdb.org/42662
- http://secunia.com/advisories/28201
- http://www.securityfocus.com/bid/27032
- http://www.vupen.com/english/advisories/2007/4321
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39274
- https://www.exploit-db.com/exploits/4789
- http://osvdb.org/42662
- http://secunia.com/advisories/28201
- http://www.securityfocus.com/bid/27032
- http://www.vupen.com/english/advisories/2007/4321
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39274
- https://www.exploit-db.com/exploits/4789