CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7217 matches found

Prion•added 2007/07/03 8:30 p.m.•16 views

Unrestricted file upload

Unrestricted file upload vulnerability in WordPress before 2.2.1 and WordPress MU before 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code by making a post that specifies a .php filename in the wpattachedfile metadata field; and then sending this file's content, alo...

6CVSS7.2AI score0.01649EPSS

Exploits0References5Affected Software2

OSV•added 2007/07/03 8:30 p.m.•5 views

CVE-2007-3543

6.9AI score

Exploits0References5

NVD•added 2007/07/03 8:30 p.m.•15 views

CVE-2007-3543

6CVSS7AI score0.01649EPSS

Exploits0References5

CVE•added 2007/07/03 8:0 p.m.•48 views

CVE-2007-3544

CVE-2007-3544 describes an unrestricted file upload in WordPress 2.2.1 and WordPress MU 1.2.3 affecting (1) wp-app.php and (2) app.php. The issue allows remote authenticated users to upload and execute arbitrary PHP code via unspecified vectors, with possible linkage to the wp_postmeta table and ...

6.5CVSS7.3AI score0.01769EPSS

Exploits0References2Affected Software2

CVE•added 2007/07/03 8:0 p.m.•56 views

CVE-2007-3543

CVE-2007-3543 involves an Unrestricted file upload vulnerability in WordPress up to version 2.2.1 and WordPress MU up to 1.2.3. The flaw allows a remote authenticated user to upload and execute arbitrary PHP code by creating a post with a .php filename in the _wp_attached_file metadata field and ...

6CVSS7AI score0.01649EPSS

Exploits0References5Affected Software2

Debian CVE•added 2007/07/03 8:0 p.m.•18 views

CVE-2007-3543

6CVSS5.8AI score0.01649EPSS

Exploits0

Debian CVE•added 2007/07/03 8:0 p.m.•19 views

CVE-2007-3544

Unrestricted file upload vulnerability in 1 wp-app.php and 2 app.php in WordPress 2.2.1 and WordPress MU 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code via unspecified vectors, possibly related to the wppostmeta table and the use of custom fields in normal...

6.5CVSS6AI score0.01769EPSS

Exploits0

exploitpack•added 2007/07/03 12:0 a.m.•21 views

MyCMS 0.9.8 - Remote Command Execution (1)

MyCMS 0.9.8 - Remote Command Execution 1 !/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argc 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;...

0.2AI score

Exploits0

Patchstack•added 2007/07/03 12:0 a.m.•11 views

WordPress <= 2.2.1 - Arbitrary File Upload

This vulnerability is in wp-app.php and app.php. It allows remote authenticated users to upload and execute arbitrary PHP code via unspecified vectors. Solution Upgrade to latest version of WordPress...

6.5CVSS6.2AI score0.01769EPSS

Exploits0References1Affected Software1

Exploit DB•added 2007/07/03 12:0 a.m.•30 views

MyCMS 0.9.8 - Remote Command Execution (2)

!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argcNo new score set"; elseif $score $data $file1 = "snakescore.txt"; $file2 = "snakesetby.txt"; $file1h = fopen$file1, 'w' or die"can't open file"; $file2h = fopen$file2, 'w' or die"can't open file"...

7.4AI score

Exploits0

Exploit DB•added 2007/07/03 12:0 a.m.•37 views

MyCMS 0.9.8 - Remote Command Execution (1)

!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argc 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0; $result.="\r\n";...

7.4AI score

Exploits0

Prion•added 2007/06/27 12:30 a.m.•15 views

Unrestricted file upload

Unrestricted file upload vulnerability in signup.php in e107 0.7.8 and earlier, when photograph upload is enabled, allows remote attackers to upload and execute arbitrary PHP code via a filename with a double extension such as .php.jpg...

6.8CVSS8AI score0.02069EPSS

Exploits0References5Affected Software1

Prion•added 2007/06/27 12:30 a.m.•14 views

Remote file inclusion

PHP remote file inclusion vulnerability in cal.func.php in Valerio Capello Dagger - The Cutting Edge r23jan2007 allows remote attackers to execute arbitrary PHP code via a URL in the diredgelang parameter...

6.8CVSS8AI score0.70717EPSS

Exploits1References8Affected Software1

Prion•added 2007/06/27 12:30 a.m.•19 views

Unrestricted file upload

Unrestricted file upload vulnerability in admin/images.php in Pluxml 0.3.1 allows remote attackers to upload and execute arbitrary PHP code via a .jpg filename...

7.5CVSS8AI score0.08176EPSS

Exploits0References4Affected Software1

NVD•added 2007/06/27 12:30 a.m.•14 views

CVE-2007-3432

Unrestricted file upload vulnerability in admin/images.php in Pluxml 0.3.1 allows remote attackers to upload and execute arbitrary PHP code via a .jpg filename...

7.5CVSS7.5AI score0.08176EPSS

Exploits0References4

Cvelist•added 2007/06/27 12:0 a.m.•15 views

CVE-2007-3432

Unrestricted file upload vulnerability in admin/images.php in Pluxml 0.3.1 allows remote attackers to upload and execute arbitrary PHP code via a .jpg filename...

7.5AI score0.08176EPSS

Exploits0References4

Cvelist•added 2007/06/27 12:0 a.m.•16 views

CVE-2007-3429

7.5AI score0.02069EPSS

Exploits0References5

Prion•added 2007/06/26 5:30 p.m.•12 views

Unrestricted file upload

Unrestricted file upload vulnerability in upload.php in dreamLog aka dreamblog 0.5 allows remote attackers to upload and execute arbitrary PHP code in uploads/images/ via the uploadedFile parameter...

7.5CVSS8.1AI score0.02511EPSS

Exploits0References5Affected Software1

NVD•added 2007/06/26 5:30 p.m.•14 views

CVE-2007-3403

7.5CVSS7.5AI score0.02511EPSS

Exploits0References5

Cvelist•added 2007/06/26 5:0 p.m.•22 views

CVE-2007-3403

7.5AI score0.02511EPSS

Exploits0References5

Rows per page