CVE-2007-2935

Fundanemt <2.2.0.1 - Command Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-2935. PoCs published by Kacper.

AI-analyzed exploit summary This exploit targets a command injection vulnerability in Fundanemt <= 2.2.0 via the spellcheck.php file. It leverages improper input validation in the 'dict' parameter to execute arbitrary commands, either by writing a malicious PHP file to the /tmp directory or directly injecting commands into the ispell command.

Description

core/spellcheck/spellcheck.php in Fundanemt before 2.2.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the dict parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Kacper · phpwebappsphp

https://www.exploit-db.com/exploits/3998

View Code ZIP pw:eip

This exploit targets a command injection vulnerability in Fundanemt <= 2.2.0 via the spellcheck.php file. It leverages improper input validation in the 'dict' parameter to execute arbitrary commands, either by writing a malicious PHP file to the /tmp directory or directly injecting commands into the ispell command.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Fundanemt <= 2.2.0

No auth needed

Prerequisites: Target must have Fundanemt <= 2.2.0 installed · The spellcheck.php file must be accessible · The /tmp directory must be writable

MITRE ATT&CK