CVE-2007-6515

SiteScape Forum - Remote Code Execution via TCL Code Separator in Query String

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2007-6515. PoCs published by Spencer McIntyre, niekt0.

AI-analyzed exploit summary This exploit leverages TCL code injection in SiteScape Enterprise Forums to achieve remote code execution. It supports multiple attack modes including reverse shell, file upload, and file download.

Description

support/dispatch.cgi in SiteScape Forum allows remote attackers to execute arbitrary TCL code via code separator characters in the query string.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Spencer McIntyre · pythonwebappscgi

https://www.exploit-db.com/exploits/15987

View Code ZIP pw:eip

This exploit leverages TCL code injection in SiteScape Enterprise Forums to achieve remote code execution. It supports multiple attack modes including reverse shell, file upload, and file download.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: SiteScape Enterprise Forums version 7

No auth needed

Prerequisites: Network access to the target server · TCL injection vulnerability in dispatch.cgi

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by niekt0 · textwebappscgi

https://www.exploit-db.com/exploits/30919

View Code ZIP pw:eip

This exploit demonstrates a command injection vulnerability in SiteScape Forum by appending a semicolon and arbitrary command to the URL. The lack of input sanitization allows execution of system commands in the context of the webserver process.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: SiteScape Forum (version unspecified)

No auth needed

Prerequisites: Network access to the vulnerable SiteScape Forum instance

MITRE ATT&CK