CVE-2007-3587

MyCMS <0.9.8 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-3587. PoCs published by BlackHawk.

AI-analyzed exploit summary This exploit targets a remote command execution vulnerability in MyCMS <= 0.9.8 by bypassing authentication via cookie manipulation and injecting PHP code into settings.inc. It creates a backdoor shell (piggy_marty.php) for arbitrary command execution.

Description

MyCMS 0.9.8 and earlier allows remote attackers to gain privileges via the admin cookie parameter, as demonstrated by a post to admin/settings.php that injects PHP code into settings.inc, which can then be executed via a direct request to index.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by BlackHawk · phpwebappsphp

https://www.exploit-db.com/exploits/4145

View Code ZIP pw:eip

This exploit targets a remote command execution vulnerability in MyCMS <= 0.9.8 by bypassing authentication via cookie manipulation and injecting PHP code into settings.inc. It creates a backdoor shell (piggy_marty.php) for arbitrary command execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: MyCMS <= 0.9.8

No auth needed

Prerequisites: Target must have MyCMS <= 0.9.8 installed · PHP must be running on the target server · Admin path must be accessible

MITRE ATT&CK