CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2006-6028

Malware in sbrugna...

6.8CVSS6.4AI score0.03063EPSS

Exploits1References7

Vulnrichment•added 2007/05/02 4:0 a.m.•5 views

CVE-2007-2422

Multiple PHP remote file inclusion vulnerabilities in Modules Builder modbuild 4.1 for Comdev One Admin allow remote attackers to execute arbitrary PHP code via a URL in the pathdocroot parameter to 1 config-bak.php or 2 config.php. NOTE: CVE disputes this vulnerability because the unmodified...

8AI score0.00999EPSS

Exploits0References3

Prion•added 2007/05/02 12:19 a.m.•12 views

Remote file inclusion

7.5CVSS7.9AI score0.00999EPSS

Exploits0References3Affected Software1

Cvelist•added 2007/05/02 12:0 a.m.•11 views

CVE-2007-2422

7.6AI score0.00999EPSS

Exploits0References3

CVE•added 2007/05/02 12:0 a.m.•44 views

CVE-2007-2422

The CVE-2007-2422 issue affects Comdev One Admin Modules Builder (modbuild) v4.1. A PHP Remote File Inclusion vulnerability exists via the path[docroot] parameter to the endpoints (1) config-bak.php and (2) config.php, enabling remote code execution. Root cause notes indicate unmodified scripts s...

9.8CVSS7.7AI score0.00999EPSS

Exploits0References3Affected Software1

Cvelist•added 2006/11/22 12:0 a.m.•10 views

CVE-2006-6045

Multiple PHP remote file inclusion vulnerabilities in Comdev One Admin Pro 4.1 allow remote attackers to execute arbitrary PHP code via a URL in the pathskin parameter to 1 adminfoot.php, 2 adminhead.php, or 3 adminlogin.php...

7.7AI score0.03063EPSS

Exploits1References6

CVE•added 2006/11/22 12:0 a.m.•41 views

CVE-2006-6045

CVE-2006-6045 describes multiple PHP remote file inclusion vulnerabilities in Comdev One Admin Pro 4.1. The flaw allows remote attackers to execute arbitrary PHP code by passing a malicious URL in the path[skin] parameter to adminfoot.php, adminhead.php, or adminlogin.php. Affected software: Comd...

6.8CVSS8AI score0.03063EPSS

Exploits1References6Affected Software1

seebug.org•added 2006/11/21 12:0 a.m.•13 views

Comdev One Admin Pro path[docroot]及path[skin]参数文件包含漏洞

Comdev One Admin Pro是用于为数据库驱动的网站创建PHP模块的平台。 Comdev One Admin Pro的多个脚本在处理用户请求时存在输入验证漏洞，远程攻击者可能利用此漏洞在服务器上以Web进程权限执行任意命令。 Comdev One Admin Pro的adminfoot.php、adminhead.php和adminlogin.php脚本没有正确地验证pathdocroot及pathskin参数的输入，允许攻击者通过包含本地或外部资源的文件导致执行任意PHP代码。漏洞相关的代码如下： ? include$path"docroot".$path"skin"...

7.1AI score

Exploits0

Packet Storm•added 2006/11/18 12:0 a.m.•25 views

comdev41.txt

Comdev One Admin Pro.v4.1 pathskin Remote File include Found by : AG-Spider C0ntAct : AG-Spider at msn dot com Affected Software : One Admin Pro.v4.1 Download Script : http://www.conovo.de/script/OneAdminPro.v4.1.zip KaBaRa.HaCk.eGy KILLERxXx CRASHOVERRIDE SwEEt-deVil Young Hacker Arab Security...

7.4AI score

Exploits0

securityvulns•added 2006/11/17 12:0 a.m.•25 views

Comdev One Admin Pro.v4.1 ( path[skin] ) Remote File include

0.4AI score

Exploits0

seebug.org•added 2006/10/25 12:0 a.m.•12 views

多个Comdev产品adminfoot.php远程文件包含漏洞

Comdev是一家软件开发公司，提供多种商业Web组件。多个Comdev产品在处理用户请求时存在输入验证漏洞，远程攻击者可能利用漏洞在服务器上以Web进程权限执行任意命令。多个Comdev产品的adminfoot.php脚本没有正确过滤对pathdocroot参数的输入，允许攻击者通过包含本地或外部资源的文件执行任意PHP代码。成功攻击要求打开了registerglobals。 Comdev Web Blogger 4.1 Comdev One Admin Pro 4.1 Comdev Misc Tools 4.1 Comdev Forum 4.1 Comdev Form...

7.1AI score

Exploits0

Packet Storm•added 2006/10/20 12:0 a.m.•23 views

ComdevOneAdmin4.1.txt

// http://www.w4cking.com CREDIT: w4ck1ng.com PRODUCT: Comdev One Admin 4.1 http://www.comdevweb.com/oneadmin.php VULNERABILITY: Remote File Inclusion NOTES: - requires register globals on - requires magic quotes off POC: //oneadmin/adminfoot.php?pathdocroot= ADVISORY & EXPLOIT requires...

7.4AI score

Exploits0

securityvulns•added 2006/10/19 12:0 a.m.•38 views

Comdev One Admin 4.1 Remote File Inclusion

// http://www.w4cking.com CREDIT: w4ck1ng.com PRODUCT: Comdev One Admin 4.1 http://www.comdevweb.com/oneadmin.php VULNERABILITY: Remote File Inclusion NOTES: - requires register globals on - requires magic quotes off POC: host/path/oneadmin/adminfoot.php?pathdocroot=local/remote file ADVISORY &...

0.6AI score

Exploits0

exploitpack•added 2006/10/16 12:0 a.m.•15 views

Comdev One Admin 4.1 - Adminfoot.php Remote Code Execution

Comdev One Admin 4.1 - Adminfoot.php Remote Code Execution !/usr/bin/php //oneadmin/adminfoot.php?pathdocroot= Googledork: inurl:/oneadmin/ w4ck1ng - w4ck1ng.com / if!$argv3 die"Usage: php $argv0 host path command\n Usage Example: php $argv0 domain.com /dolphin/ whoami\n"; function send$host, $pu...

0.5AI score

Exploits0

Exploit DB•added 2006/10/16 12:0 a.m.•30 views

Comdev One Admin 4.1 - 'Adminfoot.php' Remote Code Execution

!/usr/bin/php //oneadmin/adminfoot.php?pathdocroot= Googledork: inurl:/oneadmin/ w4ck1ng - w4ck1ng.com / if!$argv3 die"Usage: php $argv0 host path command\n Usage Example: php $argv0 domain.com /dolphin/ whoami\n"; function send$host, $put global $data; $conn = fsockopen gethostbyname$host,"80" ;...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by