Total
3411 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-5676 | 1 Futurenuke | 1 Platinum | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in modules/Forums/favorites.php in PHP-Nuke Platinum 7.6.b.5 allows remote attackers to execute arbitrary PHP code via a URL in the nuke_bb_root_path parameter. | |||||
| CVE-2007-5666 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2017-09-29 | 6.2 MEDIUM | N/A |
| Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.1 and earlier allows local users to execute arbitrary code via a malicious Security Provider library in the reader's current working directory. NOTE: this issue might be subsumed by CVE-2008-0655. | |||||
| CVE-2007-5663 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2017-09-29 | 9.3 HIGH | N/A |
| Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file that calls an insecure JavaScript method in the EScript.api plug-in. NOTE: this issue might be subsumed by CVE-2008-0655. | |||||
| CVE-2007-5641 | 1 Phppm | 1 Php Project Management | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in PHP Project Management 0.8.10 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the full_path parameter to (1) certinfo/index.php, (2) emails/index.php, (3) events/index.php, (4) fax/index.php, (5) files/index.php, (6) files/list.php, (7) groupadm/index.php, (8) history/index.php, (9) info/index.php, (10) log/index.php, (11) mail/index.php, (12) messages/index.php, (13) organizations/index.php, (14) phones/index.php, (15) presence/index.php, (16) projects/index.php, (17) projects/summary.inc.php, (18) projects/list.php, (19) reports/index.php, (20) search/index.php, (21) snf/index.php, (22) syslog/index.php, (23) tasks/searchsimilar.php, (24) tasks/index.php, (25) tasks/summary.inc.php, and (26) useradm/index.php in modules; (27) /ajax/loadsplash.php; (28) /blocks/birthday.php; (29) /blocks/events.php; and (30) /blocks/help.php. | |||||
| CVE-2007-5628 | 1 Towels | 1 Towels | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in src/scripture.php in The Online Web Library Site (TOWels) 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the pageHeaderFile parameter. | |||||
| CVE-2007-5627 | 1 Socketmail | 1 Socketmail | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in content/fnc-readmail3.php in SocketMail 2.2.8 allows remote attackers to execute arbitrary PHP code via a URL in the __SOCKETMAIL_ROOT parameter. | |||||
| CVE-2007-5600 | 1 Artmedic Webdesign | 1 Artmedic Cms | 2017-09-29 | 6.8 MEDIUM | N/A |
| Incomplete blacklist vulnerability in index.php in Artmedic CMS 3.4 and earlier allows remote attackers to execute arbitrary PHP code via a (1) UNC share pathname, or a (2) ftps, (3) ssh2.sftp, or (4) ssh2.scp URL, in the page parameter, for which PHP remote file inclusion is blocked only for http, https, and ftp URLs. | |||||
| CVE-2007-5592 | 1 Awzmb | 1 Awzmb | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in awzMB 4.2 beta 1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the Setting[OPT_includepath] parameter to (1) adminhelp.php; and (2) admin.incl.php, (3) reg.incl.php, (4) help.incl.php, (5) gbook.incl.php, and (6) core/core.incl.php in modules/. | |||||
| CVE-2007-5574 | 1 Phpdj | 1 Phpdj | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in djpage.php in PHPDJ 0.5 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. | |||||
| CVE-2007-5573 | 1 Limesurvey | 1 Limesurvey | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in classes/core/language.php in LimeSurvey 1.5.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootdir parameter. | |||||
| CVE-2007-5453 | 1 Php-stats | 1 Php-stats | 2017-09-29 | 8.5 HIGH | N/A |
| Multiple eval injection vulnerabilities in Php-Stats 0.1.9.2 allow remote authenticated administrators to execute arbitrary code by writing PHP sequences to the php-stats-options record in the _options table, which is used in an eval function call by (1) admin.php, (2) click.php, (3) download.php, and unspecified other files, as demonstrated by modifying _options through a backup restore action in admin.php. | |||||
| CVE-2007-5451 | 2 Com Colorlab, Joomla | 2 Com Colorlab, Joomla | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in admin.color.php in the com_colorlab (aka com_color) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. | |||||
| CVE-2007-5412 | 1 Quoc-huy | 1 Mp3 Allopass | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in the Quoc-Huy MP3 Allopass (com_mp3_allopass) 1.0 component for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter to (1) allopass.php and (2) allopass-error.php. | |||||
| CVE-2007-5409 | 1 Nuhit | 1 Nuseo Php Enterprise | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in admin/nuseo_admin_d.php in NuSEO PHP Enterprise 1.6 (NuSEO.PHP), when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the nuseo_dir parameter. | |||||
| CVE-2007-5407 | 1 Joomlaequipment | 1 Jcontentsubscription | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in the JContentSubscription (com_jcs) 1.5.8 component for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) jcs.function.php; (2) add.php, (3) history.php, and (4) register.php, in view/; and (5) list.sub.html.php, (6) list.user.sub.html.php, and (7) reports.html.php in views/. | |||||
| CVE-2007-5390 | 1 Picoflat Cms | 1 Picoflat Cms | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in index.php in PicoFlat CMS 0.4.14 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pagina parameter. | |||||
| CVE-2007-5388 | 1 Webdesktop | 1 Webdesktop | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in WebDesktop 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) app parameter to apps/apps.php and the (2) wsk parameter to wsk/wsk.php. | |||||
| CVE-2007-5387 | 1 Pindorama | 1 Pindorama | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in active/components/xmlrpc/client.php in Pindorama 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the c[components] parameter. | |||||
| CVE-2007-5315 | 1 Softpedia | 1 Livealbum | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in common.php in LiveAlbum 0.9.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the livealbum_dir parameter. | |||||
| CVE-2007-5314 | 1 Xkiosk | 1 Xkiosk Web | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in system/funcs/xkurl.php in xKiosk WEB 3.0.1i, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the PEARPATH parameter. | |||||