A vulnerability was found in Rayzz Rayzz Script 2.0. It has been classified as critical. Affected is some unknown functionality in the library common/classes/class_headerhandler.lib.php. The manipulation of the argument CFG[site][project_path] with an unknown input leads to a code injection vulnerability. CWE is classifying the issue as CWE-94. The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. This is going to have an impact on confidentiality, integrity, and availability. CVE summarizes:

PHP remote file inclusion vulnerability in common/classes/class_HeaderHandler.lib.php in Rayzz Script 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the CFG[site][project_path] parameter.

The weakness was published 12/04/2007 by Crackers_child (Website). The advisory is available at milw0rm.com. This vulnerability is traded as CVE-2007-6229 since 12/04/2007. The exploitability is told to be easy. It is possible to launch the attack remotely. The exploitation doesn't require any form of authentication. Technical details and a public exploit are known. This vulnerability is assigned to T1059 by the MITRE ATT&CK project.

The exploit is shared for download at exploit-db.com. It is declared as proof-of-concept. By approaching the search of inurl:common/classes/class_headerhandler.lib.php it is possible to find vulnerable targets with Google Hacking.

The vulnerability is also documented in the databases at X-Force (38802), Exploit-DB (4685) and SecurityFocus (BID 26681†). Similar entry is available at VDB-39931.

Productinfo

Vendor

• Rayzz

Name

• Rayzz Script

Version

• 2.0

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion