Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2007/09/05 12:0 a.m.69 views

Joomla! CMS com_search Component 'searchword' Parameter RCE

The version of Joomla! running on the remote host is affected by a remote code execution vulnerability within the comsearch/views/search/tmpl/defaultresults.php script due to improper sanitization of user-supplied input to the 'searchword' parameter before passing it to the eval function. An...

7.5CVSS6.6AI score0.11306EPSS
Exploits1References2
canvas
canvas
added 2007/08/08 1:17 a.m.43 views

Immunity Canvas: JOOMLA_EVAL

Name| joomlaeval ---|--- CVE| CVE-2007-4187 Exploit Pack| CANVAS Description| joomlaeval Notes| CVE Name: CVE-2007-4187 VENDOR: Joomla Repeatability: Infinite References: 'http://www.milw0rm.com/exploits/4212',...

7.5CVSS6.7AI score0.11306EPSS
Exploits1
Cvelist
Cvelist
added 2007/08/08 1:11 a.m.26 views

CVE-2007-4187

Multiple eval injection vulnerabilities in the comsearch component in Joomla! 1.5 beta before RC1 aka Mapya allow remote attackers to execute arbitrary PHP code via PHP sequences in the searchword parameter, related to defaultresults.php in 1 components/comsearch/views/search/tmpl/ and 2...

7.9AI score0.11306EPSS
Exploits1References4
CVE
CVE
added 2007/08/08 1:11 a.m.57 views

CVE-2007-4187

CVE-2007-4187 affects Joomla! 1.5 beta before RC1 (Mapya). The vulnerability stems from multiple eval-injection flaws in the com_search component, specifically related to the searchword parameter being passed to eval() via default_results.php (1) components/com_search/views/search/tmpl/ and (2) t...

7.5CVSS7.9AI score0.11306EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder