← back
CVE-2007-2003

CVE-2007-2003

EPSS 2.0%
InoutMailingListManager 3.1 and earlier sends a Location redirect header but does not exit after an authorization check fails, which allows remote attackers to access certain restricted functionality, and upload and execute arbitrary PHP code, by ignoring the redirect.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/3702unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/24842https://www.exploit-db.com/exploits/3702http://www.vupen.com/english/advisories/2007/1345