260391
|
- |
|
runcms
|
runcms
|
Multiple PHP remote file include vulnerabilities in RunCMS 1.2 and earlier, with register_globals and allow_url_fopen enabled, allow remote attackers to execute arbitrary code via the bbPath[path] pa…
|
CWE-94
Code Injection
|
CVE-2006-0659
|
2011-09-8 13:00 |
2006-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260392
|
- |
|
runcms
|
runcms
|
Successful exploitation requires that both "register_globals" and "allow_url_fopen" are enabled.
|
CWE-94
Code Injection
|
CVE-2006-0659
|
2011-09-8 13:00 |
2006-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260393
|
- |
|
joomla
|
joomla
|
Multiple SQL injection vulnerabilities in the Admin functionality in Joomla! 1.0.7 and earlier allow remote authenticated administrators to execute arbitrary SQL commands via unknown attack vectors.
|
CWE-89
SQL Injection
|
CVE-2006-1049
|
2011-09-8 13:00 |
2006-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260394
|
- |
|
castor
|
castor
|
Multiple PHP remote file inclusion vulnerabilities in 2le.net Castor PHP Web Builder 1.1.1 allow remote attackers to execute arbitrary PHP code via the rootpath parameter in (1) lib/code.php, (2) lib…
|
CWE-94
Code Injection
|
CVE-2006-5481
|
2011-09-8 13:00 |
2006-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260395
|
- |
|
paristemi
|
paristemi
|
Multiple PHP remote file inclusion vulnerabilities in Paristemi 0.8.3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the SERVER_DIRECTORY parameter to unspecified scrip…
|
CWE-94
Code Injection
|
CVE-2006-6689
|
2011-09-8 13:00 |
2006-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260396
|
- |
|
papoo
|
papoo
|
Multiple SQL injection vulnerabilities in Papoo 2.1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) menuid parameter to (a) index.php and (b) guestbook.php, and the…
|
CWE-89
SQL Injection
|
CVE-2005-4478
|
2011-09-8 13:00 |
2005-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260397
|
- |
|
ffmpeg mplayerhq
|
ffmpeg mplayer
|
The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations, which allows remote attackers to have an unspecified impact …
|
CWE-20
Improper Input Validation
|
CVE-2011-2160
|
2011-09-7 12:17 |
2011-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260398
|
- |
|
nrl
|
opie
|
Multiple off-by-one errors in opiesu.c in opiesu in OPIE 2.4.1-test1 and earlier might allow local users to gain privileges via a crafted command line.
|
CWE-189
Numeric Errors
|
CVE-2011-2489
|
2011-09-7 12:17 |
2011-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260399
|
- |
|
nrl
|
opie
|
opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already …
|
CWE-20
Improper Input Validation
|
CVE-2011-2490
|
2011-09-7 12:17 |
2011-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260400
|
- |
|
digium
|
asterisk
|
chan_sip.c in the SIP channel driver in Asterisk Open Source 1.4.x before 1.4.41.2, 1.6.2.x before 1.6.2.18.2, and 1.8.x before 1.8.4.4, and Asterisk Business Edition C.3.x before C.3.7.3, disregards…
|
CWE-200
Information Exposure
|
CVE-2011-2536
|
2011-09-7 12:17 |
2011-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|