|
293791
|
- |
|
nuhit
|
nuseo_php_enterprise
|
PHP remote file inclusion vulnerability in admin/nuseo_admin_d.php in NuSEO PHP Enterprise 1.6 (NuSEO.PHP), when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via…
|
CWE-94
Code Injection
|
CVE-2007-5409
|
2017-09-29 10:29 |
2007-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293792
|
- |
|
quoc-huy
|
mp3_allopass
|
Multiple PHP remote file inclusion vulnerabilities in the Quoc-Huy MP3 Allopass (com_mp3_allopass) 1.0 component for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosC…
|
CWE-94
Code Injection
|
CVE-2007-5412
|
2017-09-29 10:29 |
2007-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293793
|
- |
|
perfection_bytes
|
pbemail
|
Absolute path traversal vulnerability in a certain ActiveX control in PBEmail7Ax.dll in PBEmail 7 ActiveX Edition allows remote attackers to create or overwrite arbitrary files via a full pathname in…
|
CWE-22
Path Traversal
|
CVE-2007-5446
|
2017-09-29 10:29 |
2007-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293794
|
- |
|
ioncube
php
|
php_encoder
php
|
ioncube_loader_win_5.2.dll in the ionCube Loader 6.5 extension for PHP 5.2.4 does not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5447
|
2017-09-29 10:29 |
2007-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293795
|
- |
|
softbiz
|
recipes_portal_script
|
SQL injection vulnerability in searchresult.php in Softbiz Recipes Portal Script allows remote attackers to execute arbitrary SQL commands via the sbcat_id parameter.
|
CWE-89
SQL Injection
|
CVE-2007-5449
|
2017-09-29 10:29 |
2007-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293796
|
- |
|
com_colorlab
joomla
|
com_colorlab
joomla
|
PHP remote file inclusion vulnerability in admin.color.php in the com_colorlab (aka com_color) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConf…
|
CWE-94
Code Injection
|
CVE-2007-5451
|
2017-09-29 10:29 |
2007-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293797
|
- |
|
php-stats
|
php-stats
|
Multiple SQL injection vulnerabilities in php-stats.recjs.php in Php-Stats 0.1.9.2 allow remote attackers to execute arbitrary SQL commands via the (1) ip or (2) t parameter.
|
CWE-89
SQL Injection
|
CVE-2007-5452
|
2017-09-29 10:29 |
2007-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293798
|
- |
|
php-stats
|
php-stats
|
Multiple eval injection vulnerabilities in Php-Stats 0.1.9.2 allow remote authenticated administrators to execute arbitrary code by writing PHP sequences to the php-stats-options record in the _optio…
|
CWE-94
Code Injection
|
CVE-2007-5453
|
2017-09-29 10:29 |
2007-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293799
|
- |
|
alorys-hebergement
|
kwsphp
newsletter_module
|
SQL injection vulnerability in index.php in the newsletter module 1.0 for KwsPHP, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the newsletter param…
|
CWE-89
SQL Injection
|
CVE-2007-5458
|
2017-09-29 10:29 |
2007-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293800
|
- |
|
mydoop
|
doop_cms
|
Directory traversal vulnerability in doop CMS 1.3.7 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter to an unspecified compone…
|
CWE-22
Path Traversal
|
CVE-2007-5465
|
2017-09-29 10:29 |
2007-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
