|
256961
|
- |
|
amensa-soft
|
k\+b-bestellsystem
|
kb_whois.cgi in K+B-Bestellsystem (aka KB-Bestellsystem) allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) domain or (2) tld parameter in a check_owner action.
|
CWE-20
Improper Input Validation
|
CVE-2007-6176
|
2017-09-29 10:29 |
2007-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256962
|
- |
|
php_con
|
php_con
|
PHP remote file inclusion vulnerability in Exchange/include.php in PHP_CON 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the webappcfg[APPPATH] parameter.
|
CWE-94
Code Injection
|
CVE-2007-6177
|
2017-09-29 10:29 |
2007-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256963
|
- |
|
easy_hosting_control_panel
|
easy_hosting_control_panel
|
Multiple PHP remote file inclusion vulnerabilities in Easy Hosting Control Panel for Ubuntu (EHCP) 0.22.8 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the confdir par…
|
CWE-20
Improper Input Validation
|
CVE-2007-6178
|
2017-09-29 10:29 |
2007-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256964
|
- |
|
easy_hosting_control_panel
|
easy_hosting_control_panel
|
Additional Information - http://www.securityfocus.com/bid/26623/info
|
CWE-20
Improper Input Validation
|
CVE-2007-6178
|
2017-09-29 10:29 |
2007-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256965
|
- |
|
kinson_chan_charray
|
cms
|
Multiple PHP remote file inclusion vulnerabilities in Charray's CMS 0.9.3 allow remote attackers to execute arbitrary PHP code via a URL in the ccms_library_path parameter to (1) markdown.php and (2)…
|
CWE-20
Improper Input Validation
|
CVE-2007-6179
|
2017-09-29 10:29 |
2007-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256966
|
- |
|
project_alumni
|
project_alumni
|
Directory traversal vulnerability in index.php in Project Alumni 1.0.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter.
|
CWE-22
Path Traversal
|
CVE-2007-6184
|
2017-09-29 10:29 |
2007-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256967
|
- |
|
noah
|
noah
|
Multiple directory traversal vulnerabilities in PHP Content Architect (aka NoAh) 0.9 pre 1.2 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the filepath parameter to…
|
CWE-22
Path Traversal
|
CVE-2007-6187
|
2017-09-29 10:29 |
2007-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256968
|
- |
|
tumusika_evolution
|
tumusika_evolution
|
Multiple directory traversal vulnerabilities in TuMusika Evolution 1.7R5 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter to (1) langua…
|
CWE-22
Path Traversal
|
CVE-2007-6188
|
2017-09-29 10:29 |
2007-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256969
|
- |
|
neocrome
|
seditio
|
SQL injection vulnerability in plugins/search/search.php in Neocrome Seditio CMS 121 and earlier allows remote attackers to execute arbitrary SQL commands via the pag_sub[] parameter to plug.php.
|
CWE-89
SQL Injection
|
CVE-2007-6202
|
2017-09-29 10:29 |
2007-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256970
|
- |
|
neocrome
|
seditio
|
Successful exploitation requires that "magic_quotes_gpc" is disabled.
|
CWE-89
SQL Injection
|
CVE-2007-6202
|
2017-09-29 10:29 |
2007-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
