Lucene search
K

2522 matches found

NVD
NVD
added 2007/09/24 10:17 p.m.23 views

CVE-2007-5056

Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made Simple, SAPID CMF, Journalness, PacerCMS, and Open-Realty, allows remote attackers to execute arbitrary code via PHP sequences in the lastmodule parameter...

6.8CVSS7.9AI score0.27871EPSS
Exploits4References23
Prion
Prion
added 2007/09/24 10:17 p.m.19 views

Design/Logic Flaw

Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made Simple, SAPID CMF, Journalness, PacerCMS, and Open-Realty, allows remote attackers to execute arbitrary code via PHP sequences in the lastmodule parameter...

6.8CVSS8.2AI score0.27871EPSS
Exploits4References23Affected Software1
CVE
CVE
added 2007/09/24 10:0 p.m.75 views

CVE-2007-5056

CVE-2007-5056 is an eval injection in adodb-perf-module.inc.php of ADOdb Lite

6.8CVSS7.8AI score0.27871EPSS
Exploits4References23Affected Software6
myhack58
myhack58
added 2007/09/18 12:0 a.m.34 views

Cocoon Counter statistics program background written mA-vulnerability warning-the black bar safety net

Reference the latest Ocean to the top of the eval version in a few words, here to use is % eval reques tchr 3 5 % , "evalExecutePP. htm in the text box write your own code is added with 2006X2. exe conversion to generate the html text box in code. What is the text box you know? Don't just check t...

7.3AI score
Exploits0
Cvelist
Cvelist
added 2007/08/30 5:0 p.m.28 views

CVE-2007-4596

The perl extension in PHP does not follow safemode restrictions, which allows context-dependent attackers to execute arbitrary code via the Perl eval function. NOTE: this might only be a vulnerability in limited environments...

7.5AI score0.0778EPSS
Exploits1References1
Prion
Prion
added 2007/08/21 6:17 p.m.12 views

Design/Logic Flaw

Eval injection vulnerability in environment.php in Olate Download od 3.4.1 allows context-dependent attackers to execute arbitrary code via a crafted version string, as referenced by the 1 PDO::ATTRSERVERVERSION or 2 PDO::ATTRCLIENTVERSION attribute...

6.8CVSS8.2AI score0.02349EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2007/08/21 6:17 p.m.14 views

CVE-2007-4454

Eval injection vulnerability in environment.php in Olate Download od 3.4.1 allows context-dependent attackers to execute arbitrary code via a crafted version string, as referenced by the 1 PDO::ATTRSERVERVERSION or 2 PDO::ATTRCLIENTVERSION attribute...

6.8CVSS7.6AI score0.02349EPSS
Exploits1References7
Cvelist
Cvelist
added 2007/08/21 6:0 p.m.19 views

CVE-2007-4454

Eval injection vulnerability in environment.php in Olate Download od 3.4.1 allows context-dependent attackers to execute arbitrary code via a crafted version string, as referenced by the 1 PDO::ATTRSERVERVERSION or 2 PDO::ATTRCLIENTVERSION attribute...

7.6AI score0.02349EPSS
Exploits1References7
CVE
CVE
added 2007/08/21 6:0 p.m.43 views

CVE-2007-4454

CVE-2007-4454 affects Olate Download (od) 3.4.1 via an eval injection in environment.php. A crafted version string can cause code execution, using either PDO::ATTR_SERVER_VERSION or PDO::ATTR_CLIENT_VERSION. The available documents confirm the vulnerability and potential impact; no remediation de...

6.8CVSS7.6AI score0.02349EPSS
Exploits1References7Affected Software1
Prion
Prion
added 2007/08/08 1:17 a.m.18 views

Sql injection

Multiple eval injection vulnerabilities in the comsearch component in Joomla! 1.5 beta before RC1 aka Mapya allow remote attackers to execute arbitrary PHP code via PHP sequences in the searchword parameter, related to defaultresults.php in 1 components/comsearch/views/search/tmpl/ and 2...

7.5CVSS8.2AI score0.11306EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2007/08/08 1:17 a.m.16 views

CVE-2007-4187

Multiple eval injection vulnerabilities in the comsearch component in Joomla! 1.5 beta before RC1 aka Mapya allow remote attackers to execute arbitrary PHP code via PHP sequences in the searchword parameter, related to defaultresults.php in 1 components/comsearch/views/search/tmpl/ and 2...

7.5CVSS7.9AI score0.11306EPSS
Exploits1References4
CVE
CVE
added 2007/08/08 1:11 a.m.56 views

CVE-2007-4187

CVE-2007-4187 affects Joomla! 1.5 beta before RC1 (Mapya). The vulnerability stems from multiple eval-injection flaws in the com_search component, specifically related to the searchword parameter being passed to eval() via default_results.php (1) components/com_search/views/search/tmpl/ and (2) t...

7.5CVSS7.9AI score0.11306EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2007/07/05 8:30 p.m.17 views

Code injection

PHPIDS before 20070703 does not properly handle use of the substr method in 1 document.location.search and 2 document.referrer; 3 certain use of document.location.hash; 4 certain "windoweval" and similar expressions; 5 certain Function expressions; 6 certain '=' expressions, as demonstrated by a...

4.3CVSS6.9AI score0.0105EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2007/06/20 12:0 a.m.25 views

igshop14-eval.txt

!/usr/bin/perl -w use LWP::UserAgent; iG Shop 1.4 eval Inclusion Vulnerability found by IFX nyubicrew Vulnerability on page.php if !$action $action = "make"; // here the function will be called. eval "page$action;"; die "Example: perl $0 http://www.planetgolfuk.co.uk/shop\n" unless @ARGV; $b =...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/06/19 12:0 a.m.94 views

iG Shop 1.4 eval Inclusion Vulnerability

!/usr/bin/perl -w use LWP::UserAgent; iG Shop 1.4 eval Inclusion Vulnerability found by IFX nyubicrew Vulnerability on page.php if !$action $action = "make"; // here the function will be called. eval "page$action;"; die "Example: perl $0 http://www.planetgolfuk.co.uk/shopn" unless @ARGV; $b =...

0.4AI score
Exploits0
NVD
NVD
added 2007/05/04 1:19 a.m.14 views

CVE-2007-2501

Eval injection vulnerability in codepress.html in CodePress before 0.9.4 allows remote attackers to execute arbitrary code via certain input that is used in an eval function call...

7.5CVSS7.9AI score0.02952EPSS
Exploits0References7
Prion
Prion
added 2007/05/04 1:19 a.m.14 views

Design/Logic Flaw

Eval injection vulnerability in codepress.html in CodePress before 0.9.4 allows remote attackers to execute arbitrary code via certain input that is used in an eval function call...

7.5CVSS8.4AI score0.02952EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2007/05/04 1:0 a.m.44 views

CVE-2007-2501

CVE-2007-2501 is an eval-injection vulnerability affecting CodePress components (CodePress before 0.9.4), where user-supplied input used in an eval call can lead to remote code execution. The vulnerable element is specifically in codepress.html. Impact is remote arbitrary code execution with the ...

7.5CVSS7.9AI score0.02952EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2007/05/04 1:0 a.m.19 views

CVE-2007-2501

Eval injection vulnerability in codepress.html in CodePress before 0.9.4 allows remote attackers to execute arbitrary code via certain input that is used in an eval function call...

7.9AI score0.02952EPSS
Exploits0References7
Prion
Prion
added 2007/04/24 4:19 p.m.12 views

Design/Logic Flaw

Eval injection vulnerability in 1 courier-imapd.indirect and 2 courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable...

10CVSS8.4AI score0.04673EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder