CVE-2007-4932

Shop-Script < 2.0 - Unauthenticated Admin Panel Access via Improper Redirect Handling

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-4932. PoCs published by InATeam.

AI-analyzed exploit summary This exploit targets Shop-Script FREE <= 2.0, leveraging an admin authorization bypass and arbitrary PHP code injection in the configuration file. It executes commands via a crafted POST request to inject shellcode into the configuration file, then triggers it via a GET request.

Description

admin.php in Shop-Script FREE 2.0 and earlier sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to access the admin panel.

Exploits (1)

exploitdb WORKING POC VERIFIED

by InATeam · phpwebappsphp

https://www.exploit-db.com/exploits/4419

View Code ZIP pw:eip

This exploit targets Shop-Script FREE <= 2.0, leveraging an admin authorization bypass and arbitrary PHP code injection in the configuration file. It executes commands via a crafted POST request to inject shellcode into the configuration file, then triggers it via a GET request.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Shop-Script FREE <= 2.0

No auth needed

Prerequisites: Target must be running Shop-Script FREE <= 2.0 · PHP must be configured with certain settings (e.g., magic_quotes_gpc=on)

MITRE ATT&CK