CVE-2007-5913

JBC Explorer < 7.20_rc1 - Unauthenticated Authentication Bypass via auth.php Parameter Manipulation

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-5913. PoCs published by DarkFig.

AI-analyzed exploit summary: This exploit targets JBC Explorer <= V7.20 RC 1, leveraging a remote code execution vulnerability by manipulating configuration files and injecting malicious PHP code. It establishes an interactive shell by exploiting improper input validation in the application.

Description

dirsys/modules/auth.php in JBC Explorer 7.20 RC1 and earlier does not require authentication, which allows remote attackers to (1) delete auth.inc.php via the suppr parameter, and (2) re-create the auth.inc.php file with contents that specify a new account name and password for JBC Explorer via the login and password parameters.

Exploits (1)

exploitdb WORKING POC VERIFIED
by DarkFig · php · webapps · php
https://www.exploit-db.com/exploits/4608

Classification: Working PoC (95%)
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: JBC Explorer <= V7.20 RC 1
Authentication: No auth needed
Prerequisites: Network access to the target application · PHP environment to run the exploit
Analysis: devstral-2 · analyzed Feb 16, 2026

References (8)

Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27533
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/38269
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/42069
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/26332
Various Sources x_refsource_misc
http://mgsdl.free.fr/?1:33
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/483268/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3358
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/4608

Scores

EPSS 0.0726
EPSS Percentile 93.5%

Details

CWE: CWE-287
Status: published
Products (1): jean_charles/jbc_explorer < 7.20_rc1
Published: Nov 10, 2007
Tracked Since: Feb 18, 2026