source: http://www.securityfocus.com/bid/22453/info SysCP is prone to an arbitrary code-execution vulnerability. An attacker can exploit this issue to execute arbitrary commands with superuser privileges, resulting in the compromise of the computer. NOTE: To exploit this issue, an attacker must have authenticated access to a customer control panel. "; cp /var/www/syscp/lib/userdata.inc.php /var/[user]/webs/web1/; ls "
Related ExploitsTrying to match CVEs (1): CVE-2007-0849
Trying to match OSVDBs (1): 33128
Other Possible E-DB Search Terms: SYSCP 1.2.15, SYSCP
|2005-08-08||SysCP 1.2.x - Multiple Script Execution Vulnerabilities||Christopher Kunz|