CVE-2007-0649
OpenEMR < 2.8.2 - Remote Code Execution via Variable Overwrite in interface/globals.php
Title source: llmExploitation Summary
EIP tracks 2 public exploits for CVE-2007-0649. PoCs published by Michael Melewski, trzindan.
AI-analyzed exploit summary The provided text describes a cross-site scripting (XSS) vulnerability in OpenEMR version 2.8.2, where user-supplied input is not properly sanitized. The vulnerability can be exploited by injecting malicious script code via the 'rootdir' parameter in the login_frame.php URL.
Description
Variable overwrite vulnerability in interface/globals.php in OpenEMR 2.8.2 and earlier allows remote attackers to overwrite arbitrary program variables and conduct other unauthorized activities, such as conduct (a) remote file inclusion attacks via the srcdir parameter in custom/import_xml.php or (b) cross-site scripting (XSS) attacks via the rootdir parameter in interface/login/login_frame.php, via vectors associated with extract operations on the (1) POST and (2) GET superglobal arrays. NOTE: this issue was originally disputed before the extract behavior was identified in post-disclosure analysis. Also, the original report identified "Open Conference Systems," but this was an error.
Exploits (2)
The provided text describes a cross-site scripting (XSS) vulnerability in OpenEMR version 2.8.2, where user-supplied input is not properly sanitized. The vulnerability can be exploited by injecting malicious script code via the 'rootdir' parameter in the login_frame.php URL.
The provided text describes a remote file inclusion vulnerability in OpenEMR 2.8.2 due to insufficient input sanitization. It includes a sample exploit URL but lacks actual exploit code or technical details.