Administrative Access Vulnerability in Zomplog by Zomplog
CVE-2007-5230

Currently unrated

Key Information:

Vendor: Zomplog
Status: Zomplog
Vendor: CVE Published:; 5 October 2007

What is CVE-2007-5230?

The Zomplog application prior to version 3.8.1 suffers from a significant access control vulnerability in the admin/upload_files.php file. This flaw allows unauthorized users to perform administrative actions by sending requests without appropriate authentication checks, potentially leading to remote code execution through subsequent exploitation of related vulnerabilities. It is crucial for users and administrators of Zomplog to apply the latest updates and monitor their systems for potential exploitation.

References

https://www.exploit-db.com/exploits/4466

exploitx_refsource_EXPLOIT-DB

http://www.securityfocus.com/bid/25861

vdb-entryx_refsource_BID

http://secunia.com/advisories/27028

third-party-advisoryx_refsource_SECUNIA

EPSS Score

12% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 5, 2007
Vulnerability Reserved
Oct 5, 2007

JSON