CVE-2007-0850 - Vulnerability Details - OpenCVE

scripts/cronscript.php in SysCP 1.2.15 and earlier includes and executes arbitrary PHP scripts that are referenced by the panel_cronscript table in the SysCP database, which allows attackers with database write privileges to execute arbitrary code by constructing a PHP file and adding its filename to this table.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Syscp Team	Syscp

Configuration 1 [-]

OR	cpe:2.3:a:syscp_team:syscp:1.2.10:::::::*
	cpe:2.3:a:syscp_team:syscp:1.2.15:::::::*

No data.

References

Link	Providers
http://osvdb.org/33127
http://secunia.com/advisories/24102
http://www.securityfocus.com/archive/1/459397/100/0/threaded
http://www.securityfocus.com/bid/22454
http://www.syscp.org/wiki/Security/SyscpOrgAbilityToInjectAndExecuteAnyCodeAsRootInSysCP
https://exchange.xforce.ibmcloud.com/vulnerabilities/32330

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-02-08T18:00:00

Updated: 2024-08-07T12:34:21.213Z

Reserved: 2007-02-08T00:00:00

Link: CVE-2007-0850

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-02-08T18:28:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-0850

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-02-07T00:00:00", "descriptions": [{"lang": "en", "value": "scripts/cronscript.php in SysCP 1.2.15 and earlier includes and executes arbitrary PHP scripts that are referenced by the panel_cronscript table in the SysCP database, which allows attackers with database write privileges to execute arbitrary code by constructing a PHP file and adding its filename to this table."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "33127", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/33127"}, {"name": "22454", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/22454"}, {"name": "20070207 Ability to inject and execute any code as root in SysCP", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/459397/100/0/threaded"}, {"name": "syscp-cronscript-code-execution(32330)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32330"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.syscp.org/wiki/Security/SyscpOrgAbilityToInjectAndExecuteAnyCodeAsRootInSysCP"}, {"name": "24102", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24102"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-0850", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "scripts/cronscript.php in SysCP 1.2.15 and earlier includes and executes arbitrary PHP scripts that are referenced by the panel_cronscript table in the SysCP database, which allows attackers with database write privileges to execute arbitrary code by constructing a PHP file and adding its filename to this table."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "33127", "refsource": "OSVDB", "url": "http://osvdb.org/33127"}, {"name": "22454", "refsource": "BID", "url": "http://www.securityfocus.com/bid/22454"}, {"name": "20070207 Ability to inject and execute any code as root in SysCP", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/459397/100/0/threaded"}, {"name": "syscp-cronscript-code-execution(32330)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32330"}, {"name": "http://www.syscp.org/wiki/Security/SyscpOrgAbilityToInjectAndExecuteAnyCodeAsRootInSysCP", "refsource": "CONFIRM", "url": "http://www.syscp.org/wiki/Security/SyscpOrgAbilityToInjectAndExecuteAnyCodeAsRootInSysCP"}, {"name": "24102", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24102"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T12:34:21.213Z"}, "title": "CVE Program Container", "references": [{"name": "33127", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/33127"}, {"name": "22454", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/22454"}, {"name": "20070207 Ability to inject and execute any code as root in SysCP", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/459397/100/0/threaded"}, {"name": "syscp-cronscript-code-execution(32330)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32330"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.syscp.org/wiki/Security/SyscpOrgAbilityToInjectAndExecuteAnyCodeAsRootInSysCP"}, {"name": "24102", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24102"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-0850", "datePublished": "2007-02-08T18:00:00", "dateReserved": "2007-02-08T00:00:00", "dateUpdated": "2024-08-07T12:34:21.213Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:syscp_team:syscp:1.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "3034B734-7033-4D45-8CE2-CADEDD45C498", "vulnerable": true}, {"criteria": "cpe:2.3:a:syscp_team:syscp:1.2.15:*:*:*:*:*:*:*", "matchCriteriaId": "1A297557-9099-40C8-83C4-99093C05C7BE", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "scripts/cronscript.php in SysCP 1.2.15 and earlier includes and executes arbitrary PHP scripts that are referenced by the panel_cronscript table in the SysCP database, which allows attackers with database write privileges to execute arbitrary code by constructing a PHP file and adding its filename to this table."}, {"lang": "es", "value": "scripts/cronscript.php en SysCP 1.2.15 y anteriores incluye y ejecuta secuencias de comandos PHP de su elecci\u00f3n a que son referenciados por la tabla panel_cronscript en la base de datos SysCP, lo cual permite a los atacantes con una base de datos escribir privilegios para ejecutar c\u00f3digo de su elecci\u00f3n construyendo un archivo PHP y agregando su nombre de fichero a esta tabla.\r\n"}], "id": "CVE-2007-0850", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-02-08T18:28:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/33127"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/24102"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/459397/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/22454"}, {"source": "cve@mitre.org", "url": "http://www.syscp.org/wiki/Security/SyscpOrgAbilityToInjectAndExecuteAnyCodeAsRootInSysCP"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32330"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/33127"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/24102"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/459397/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/22454"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.syscp.org/wiki/Security/SyscpOrgAbilityToInjectAndExecuteAnyCodeAsRootInSysCP"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32330"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}