Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-1890

Malware in sbrugna...

5.8CVSS6.4AI score0.02016EPSS
Exploits0References6
Prion
Prion
added 2007/04/09 8:19 p.m.19 views

Remote file inclusion

PHP remote file inclusion vulnerability in chat.php in Sky GUNNING MySpeach 3.0.7 and earlier, when used with PHP 5, allows remote attackers to execute arbitrary PHP code via an ftp URL in a mymsroot cookie, a different vector than CVE-2007-0491 and CVE-2006-4630...

6.8CVSS7.7AI score0.0338EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2007/04/09 8:19 p.m.17 views

CVE-2007-1895

PHP remote file inclusion vulnerability in chat.php in Sky GUNNING MySpeach 3.0.7 and earlier, when used with PHP 5, allows remote attackers to execute arbitrary PHP code via an ftp URL in a mymsroot cookie, a different vector than CVE-2007-0491 and CVE-2006-4630...

6.8CVSS7.4AI score0.02323EPSS
Exploits0References4
Cvelist
Cvelist
added 2007/04/09 8:0 p.m.25 views

CVE-2007-1896

Directory traversal vulnerability in chat.php in Sky GUNNING MySpeach 3.0.7 and earlier allows remote attackers to include arbitrary local files via a .. dot dot and trailing %00 NULL in a mymsroot cookie...

6.6AI score0.02016EPSS
Exploits0References5
CVE
CVE
added 2007/04/09 8:0 p.m.48 views

CVE-2007-1896

CVE-2007-1896 is a directory-traversal flaw in Sky GUNNING MySpeach 3.0.7 and earlier, affecting the file chat.php . The root cause is improper handling of a cookie parameter my_ms[root], allowing a attacker to trigger local file inclusion by using a double dot (“..”) path traversal with a traili...

5.8CVSS6.6AI score0.02016EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2007/04/09 8:0 p.m.54 views

CVE-2007-1895

CVE-2007-1895 describes a PHP remote file inclusion in Sky GUNNING MySpeach (3.0.7 and earlier) when run with PHP 5. An FTP URL placed in the my_ms[root] cookie enables remote attackers to execute arbitrary PHP code. Connected documents corroborate variants of this vulnerability across MySpeach 3...

6.8CVSS7.6AI score0.02323EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2007/01/25 12:28 a.m.18 views

Remote file inclusion

PHP remote file inclusion vulnerability in up.php in Sky GUNNING MySpeach 3.0.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mymsroot parameter, a different vector than CVE-2006-4630. NOTE: Some of these details are obtained from third party information...

6.8CVSS7.7AI score0.0338EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2007/01/25 12:28 a.m.14 views

CVE-2007-0491

PHP remote file inclusion vulnerability in up.php in Sky GUNNING MySpeach 3.0.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mymsroot parameter, a different vector than CVE-2006-4630. NOTE: Some of these details are obtained from third party information...

6.8CVSS7.4AI score0.01919EPSS
Exploits0References2
Cvelist
Cvelist
added 2007/01/25 12:0 a.m.25 views

CVE-2007-0491

PHP remote file inclusion vulnerability in up.php in Sky GUNNING MySpeach 3.0.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mymsroot parameter, a different vector than CVE-2006-4630. NOTE: Some of these details are obtained from third party information...

7.4AI score0.01919EPSS
Exploits0References2
CVE
CVE
added 2007/01/25 12:0 a.m.39 views

CVE-2007-0491

CVE-2007-0491 is a PHP remote file inclusion vulnerability in Sky GUNNING MySpeach 3.0.6 and earlier, exploitable via a URL in the my_ms[root] parameter of up.php. The issue is a separate vector from CVE-2006-4630 and affects MySpeach components prior to 3.0.6. The connected records confirm relat...

6.8CVSS7.4AI score0.01919EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2006/09/08 8:4 p.m.28 views

CVE-2006-4630

PHP remote file inclusion vulnerability in jscript.php in Sky GUNNING MySpeach 3.0.2 and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mymsroot parameter...

7.5CVSS7.3AI score0.0338EPSS
Exploits0References6
CVE
CVE
added 2006/09/08 8:0 p.m.104 views

CVE-2006-4630

CVE-2006-4630 describes a PHP remote file inclusion in jscript.php for Sky GUNNING MySpeach 3.0.2 and earlier. When register_globals is enabled, an attacker can cause arbitrary PHP code execution via a URL in the my_ms[root] parameter. Affected versions are 3.0.2 and earlier; impact is remote cod...

7.5CVSS7.3AI score0.0338EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2006/09/08 8:0 p.m.2 views

EUVD-2006-4618

PHP remote file inclusion vulnerability in jscript.php in Sky GUNNING MySpeach 3.0.2 and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mymsroot parameter...

7.5CVSS7.2AI score0.0338EPSS
Exploits0References6
Rows per page
Query Builder