Lucene search
+L

379 matches found

Prion
Prion
added 2007/09/24 10:17 p.m.19 views

Design/Logic Flaw

Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made Simple, SAPID CMF, Journalness, PacerCMS, and Open-Realty, allows remote attackers to execute arbitrary code via PHP sequences in the lastmodule parameter...

6.8CVSS8.2AI score0.27871EPSS
Exploits4References23Affected Software1
CVE
CVE
added 2007/09/24 10:0 p.m.79 views

CVE-2007-5056

CVE-2007-5056 is an eval injection in adodb-perf-module.inc.php of ADOdb Lite

6.8CVSS7.8AI score0.27871EPSS
Exploits4References23Affected Software6
Cvelist
Cvelist
added 2007/09/24 10:0 p.m.34 views

CVE-2007-5056

Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made Simple, SAPID CMF, Journalness, PacerCMS, and Open-Realty, allows remote attackers to execute arbitrary code via PHP sequences in the lastmodule parameter...

7.9AI score0.27871EPSS
Exploits4References23
Tenable Nessus
Tenable Nessus
added 2007/09/24 12:0 a.m.52 views

ADOdb Lite adodb-perf-module.inc.php last_module Parameter Arbitrary Code Execution

ADOdb Lite, a lightweight database framework for PHP applications, is installed on the remote host. The version of ADOdb Lite on the remote host fails to sanitize input to the 'lastmodule' parameter of the 'adodb-perf-module.inc.php' script before using it in an 'eval' statement to evaluate PHP...

6.8CVSS5.9AI score0.27871EPSS
Exploits4References3
seebug.org
seebug.org
added 2007/09/07 12:0 a.m.43 views

PHPOF DB_AdoDB.Class.PHP远程文件包含漏洞

PHPOF是一款基于PHP的WEB应用程序。 PHPOF不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是由于'DBAdoDB.Class.PHP'脚本对用户提交的'PHPOFINCLUDEPATH'参数缺少过滤,指定远程服务器上的任意文件作为包含对象,可导致以以WEB权限执行任意命令。 PHPOF 20040226 目前没有解决方案提供: http://www.phpof.org/ http://www.example.com/dbmodules/DBadodb.class.php?PHPOFINCLUDEPATH=shell.txt?...

7.1AI score
Exploits0
NVD
NVD
added 2007/06/11 10:30 p.m.13 views

CVE-2007-3155

Unspecified vulnerability in eGroupWare before 1.2.107-2 has unknown impact and attack vectors related to ADOdb. NOTE: due to lack of details from the vendor, it is uncertain whether this issue is already covered by another CVE identifier...

10CVSS6.4AI score0.01808EPSS
Exploits0References6
Prion
Prion
added 2007/06/11 10:30 p.m.14 views

Sql injection

Unspecified vulnerability in eGroupWare before 1.2.107-2 has unknown impact and attack vectors related to ADOdb. NOTE: due to lack of details from the vendor, it is uncertain whether this issue is already covered by another CVE identifier...

10CVSS6.9AI score0.01808EPSS
Exploits0References6Affected Software1
UbuntuCve
UbuntuCve
added 2007/06/11 10:30 p.m.21 views

CVE-2007-3155

Unspecified vulnerability in eGroupWare before 1.2.107-2 has unknown impact and attack vectors related to ADOdb. NOTE: due to lack of details from the vendor, it is uncertain whether this issue is already covered by another CVE identifier...

10CVSS5.8AI score0.01808EPSS
Exploits0References1
CVE
CVE
added 2007/06/11 10:0 p.m.46 views

CVE-2007-3155

CVE-2007-3155 affects eGroupWare before 1.2.107-2, with vulnerability tied to ADOdb. The description notes unknown impact and attack vectors; no concrete exploit details are provided in the connected documents. Vendor details are incomplete, and it’s unclear if this issue is covered by another CVE.

10CVSS6.4AI score0.01808EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2007/06/11 10:0 p.m.23 views

CVE-2007-3155

Unspecified vulnerability in eGroupWare before 1.2.107-2 has unknown impact and attack vectors related to ADOdb. NOTE: due to lack of details from the vendor, it is uncertain whether this issue is already covered by another CVE identifier...

6.4AI score0.01808EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2007/04/30 12:0 a.m.145 views

XAMPP ADOdb mssql_connect Remote Buffer Overflow

The remote host is running XAMPP, an Apache distribution containing MySQL, PHP, and Perl. It is designed for easy installation and administration. The remote version of XAMPP includes a PHP interpreter that is affected by a buffer overflow involving calls to 'mssqlconnect' as well as an example P...

9.3CVSS6.5AI score0.09691EPSS
Exploits0References4
securityvulns
securityvulns
added 2007/04/25 12:0 a.m.61 views

dcp-portal v611 >> RFi

vendor :http://www.dcp-portal.org/ by : www.hackerz.ir userz .saeid 1- remote DCP/library/adodb/adodb.inc.php ==== includeonce$path; 2- remote DCP/library/editor/editor.php ===== include $abspatheditor."PropAccestring.php 3- local == DCP/admin/phpMyAdmin/libraries/common.lib.php ===...

0.2AI score
Exploits0
NVD
NVD
added 2007/04/18 3:19 a.m.24 views

CVE-2007-2079

The ADONewConnection Connect function in adodb.php in XAMPP 1.6.0a and earlier for Windows uses untrusted input for the database server hostname, which allows remote attackers to trigger a library buffer overflow and execute arbitrary code via a long host parameter, or have other unspecified...

9.3CVSS7.8AI score0.09691EPSS
Exploits0References4
Prion
Prion
added 2007/04/18 3:19 a.m.26 views

Buffer overflow

The ADONewConnection Connect function in adodb.php in XAMPP 1.6.0a and earlier for Windows uses untrusted input for the database server hostname, which allows remote attackers to trigger a library buffer overflow and execute arbitrary code via a long host parameter, or have other unspecified...

9.3CVSS8.2AI score0.09691EPSS
Exploits1References4Affected Software1
Packet Storm
Packet Storm
added 2007/04/17 12:0 a.m.33 views

xampp-rgod.txt

Connect$POST'host', $POST'user', $POST'password', $POST'database'; echo "DBServer: $POSTdbserver"; $result = $db-Execute"SELECT FROM $POSTtable"; ... mssqlconnect function is vulnerable to buffer overflow and the host argument is totally unchecked. Also this shows a vulnerabilty in ADODB library...

7.4AI score
Exploits0
0day.today
0day.today
added 2007/04/15 12:0 a.m.29 views

XAMPP for Windows <= 1.6.0a mssql_connect() Remote BoF Exploit

Exploit for unknown platform in category remote exploits ============================================================== XAMPP for Windows Connect$POST'host', $POST'user', $POST'password', $POST'database'; echo "DBServer: $POSTdbserver"; $result = $db-Execute"SELECT FROM $POSTtable";...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/04/15 12:0 a.m.50 views

XAMPP for Windows 1.6.0a - &#039;mssql_connect()&#039; Remote Buffer Overflow

Connect$POST'host', $POST'user', $POST'password', $POST'database'; echo "DBServer: $POSTdbserver"; $result = $db-Execute"SELECT FROM $POSTtable"; ... mssqlconnect function is vulnerable to buffer overflow and the host argument is totally unchecked. Also this shows a vulnerabilty in ADODB library...

7.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2007/03/30 12:0 a.m.6 views

PT-2007-1459 · Morcego · Morcegocms

Name of the Vulnerable Software and Affected Versions: Morcego CMS versions 0.9.6 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code. This can be achieved via a URL in the path parameter to "adodb/adodb.inc.php". Recommendations: For Morcego CMS versions 0.9....

10CVSS7.5AI score0.02178EPSS
Exploits0References4
myhack58
myhack58
added 2007/03/30 12:0 a.m.20 views

PhpSpy 2 0 0 6 final modified version-the vulnerability warning-the black bar safety net

Files and directories to a ZIP package to download 2. MySql and Ftp brute force 3. Within the network computer name and IP conversion 4. The use of MySql upload download file 5. Added custom settings 6. Alexa rank,off by default 7. Using ADODB to execute SQL statements 8. There are other...

1AI score
Exploits0
seebug.org
seebug.org
added 2007/03/15 12:0 a.m.114 views

ClipShare ADODB-Connection.Inc.PHP远程文件包含漏洞

ClipShare是一款基于PHP的WEB应用程序。 ClipShare不正确过滤用户提交的输入,远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是'ADODB-Connection.Inc.PHP'脚本对用户提交的'cmd'参数缺少过滤,指定远程服务器上的文件作为包含参数,可导致以WEB权限执行任意命令。 ClipShare 1.5.3 目前没有解决方案提供: http://www.clip-share.com/ http://www.example.com/Path/include/adodb-connection.inc.php?cmd=Shell-Attack...

7.1AI score
Exploits0
Rows per page
Query Builder