漏洞分类 - 代码执行 - Code Execution - 知道创宇 Seebug 漏洞平台

漏洞分类 — 代码执行

英文名字: Code Execution

漏洞详情：: 代码执行漏洞是用户通过浏览器提交执行命令，由于服务器端没有针对执行函数做过滤，导致在没有指定绝对路径的情况下就执行命令，可能会允许攻击者通过改变 $PATH 或程序执行环境的其他方面来执行一个恶意构造的代码。

相关漏洞

SSV ID	提交时间	漏洞等级	漏洞名称	漏洞状态	人气 \| 评论
SSV-11909	2009-07-28		Microsoft Visual Studio和Internet Explorer未明远程代码执行漏洞		670 \| 0
SSV-11883	2009-07-27		Joomla Extension UIajaxIM 1.1 JavaScript Execution Vulnerability		855 \| 0
SSV-11867	2009-07-24		Adobe Acrobat, Reader和Flash Player远程代码执行漏洞		1266 \| 0
SSV-11865	2009-07-23		DD-WRT (httpd service) Remote Command Execution Vulnerability		879 \| 0
SSV-11844	2009-07-20		Google Chrome JavaScript规则表达式处理远程代码执行漏洞		713 \| 0
SSV-11825	2009-07-17		Discuz! admin\styles.inc.php get-webshell bug		1036 \| 0
SSV-11819	2009-07-16		Microsoft DirectX QuickTime媒体文件解析代码执行漏洞(MS09-028)		468 \| 0
SSV-11786	2009-07-10		Winds3D Viewer GetURL()函数远程代码执行漏洞		493 \| 0
SSV-11771	2009-07-09		OCS Inventory NG代理Backend.pm Perl模块处理代码执行漏洞		493 \| 0
SSV-11697	2009-06-24		Zen Cart 1.3.8 Remote Code Execution Exploit		1788 \| 0
SSV-11680	2009-06-23		MyBB <= 1.4.6 Remote Code Execution Exploit		1222 \| 0
SSV-11645	2009-06-18		Mozilla Firefox 'NPObject'访问远程代码执行漏洞		655 \| 0
SSV-11635	2009-06-17		SugarCRM 5.2.0e Remote Code Execution Vulnerability		1635 \| 0
SSV-11621	2009-06-15		'Compress::Raw::Zlib' Perl模块远程代码执行漏洞		1434 \| 0
SSV-12950	2009-06-15		DB Top Sites 1.0 Remote Command Execution Exploit		825 \| 0
SSV-11614	2009-06-13		Microsoft Windows RPC分组引擎远程代码执行漏洞(MS09-026)		657 \| 0
SSV-11582	2009-06-11		Microsoft活动目录服务LDAP报文内存破坏漏洞(MS09-018)		704 \| 0
SSV-11524	2009-06-05		Kloxo 5.75 (24 Issues) Multiple Remote Vulnerabilities		1479 \| 0
SSV-11515	2009-06-04		Podcast Generator <= 1.2 unauthorized Re-Installation Remote Exploit		868 \| 0
SSV-11484	2009-05-31		ecshop 2.6.2 Multiple Remote Command Execution Vulnerabilities		1905 \| 0
SSV-11420	2009-05-27		Soulseek 157 NS / 156. Remote Distributed Search Code Execution		849 \| 0
SSV-11402	2009-05-23		中国游戏中心游戏大厅 (CGAgent.dll) ActiveX Remote Code Execution Exploit		891 \| 0
SSV-11390	2009-05-22		BaoFeng (config.dll) ActiveX Remote Code Execution Exploit		1097 \| 0
SSV-13011	2009-05-21		ChinaGames (CGAgent.dll) ActiveX Remote Code Execution Exploit		816 \| 0
SSV-11377	2009-05-21		NC GBook 1.0 Remote Command injection Exploit		819 \| 0
SSV-11307	2009-05-15		Microsoft PowerPoint Sound Data (CVE-2009-0225)远程代码执行漏洞		899 \| 0
SSV-11301	2009-05-15		Microsoft PowerPoint PP4X32.DLL库多个栈溢出漏洞（MS09-017）		619 \| 0
SSV-11311	2009-05-15		StrawBerry 1.1.1 LFI / Remote Command Execution Exploit		762 \| 0
SSV-11282	2009-05-13		Microsoft PowerPoint多个安全漏洞		647 \| 0
SSV-11275	2009-05-12		Bitweaver <= 2.6 saveFeed() Remote Code Execution Exploit		1334 \| 0
SSV-11258	2009-05-10		TinyWebGallery <= 1.7.6 LFI / Remote Code Execution Exploit		1477 \| 0
SSV-11197	2009-05-05		eLitius 1.0 Remote Command Execution Exploit		1431 \| 0
SSV-11130	2009-04-30		Adobe 8.1.4/9.1 customDictionaryOpen() Code Execution Exploit		1089 \| 0
SSV-11129	2009-04-30		Adobe Reader 8.1.4/9.1 GetAnnots() Remote Code Execution Exploit		1097 \| 0
SSV-13028	2009-04-28		Autodesk IDrop ActiveX Remote Code Execution Exploit		1868 \| 0
SSV-11108	2009-04-28		LightBlog <= 9.9.2 (register.php) Remote Code Execution Exploit		804 \| 0
SSV-11083	2009-04-23		Dokeos LMS <= 1.8.5 (include) Remote Code Execution Exploit		877 \| 0
SSV-11036	2009-04-17		DNS Tools (PHP Digger) Remote Command Execution Vuln		767 \| 0
SSV-10927	2009-04-01		Podcast Generator <= 1.1 Remote Code Execution Exploit		795 \| 0
SSV-10915	2009-03-31		X-Forum 0.6.2 Remote Command Execution Exploit		782 \| 0
SSV-10900	2009-03-28		My Simple Forum 7.1 (LFI) Remote Command Execution Exploit		838 \| 0
SSV-10879	2009-03-24		PHPizabi v0.848b C1 HFP1-3 Remote Command Execution Exploit		23942 \| 0
SSV-10851	2009-03-20		Hannon Hill Cascade Server Command Execution Vulnerability (post auth)		858 \| 0
SSV-10839	2009-03-19		Facil-CMS 0.1RC2 Multiple Remote Vulnerabilities		842 \| 0
SSV-10771	2009-03-06		SupportSoft DNA Editor Module (dnaedit.dll) Code Execution Exploit		788 \| 0
SSV-13070	2009-03-03		Imera ImeraIEPlugin ActiveX Control Remote Code Execution Exploit		746 \| 0
SSV-10760	2009-03-03		Joomla/Mambo Component eXtplorer Code Execution Vulnerability		816 \| 0
SSV-10739	2009-02-28		Hex Workshop v6 (.HEX File) Local Code Execution Exploit		1177 \| 0
SSV-10716	2009-02-24		pPIM 1.01 (notes.php id) Remote Command Execution Exploit		858 \| 0
SSV-10656	2009-02-20		Firepack (admin/ref.php) Remote Code Execution Exploit		849 \| 0
SSV-4783	2009-02-16		FreeBSD 'telnetd' Daemon Remote Code Execution Vulnerability		1205 \| 0
SSV-10632	2009-02-15		ea-gBook 0.1 Remote Command Execution with RFI (c99) Exploit		791 \| 0
SSV-10629	2009-02-15		Jieqi cms <= 1.5 remote code execution exploit		759 \| 0
SSV-10602	2009-02-10		ZeroShell <= 1.0beta11 Remote Code Execution Vulnerability		908 \| 0
SSV-10590	2009-02-10		Hedgehog-CMS <= 1.21 Remote Command Execution Exploit		755 \| 0
SSV-10599	2009-02-10		Hedgehog-CMS 1.21 (LFI) Remote Command Execution Exploit		788 \| 0
SSV-10589	2009-02-10		PHP Director <= 0.21 Remote Command Execution Exploit		905 \| 0
SSV-10580	2009-02-09		1024 CMS <= 1.4.4 Remote Command Execution with RFI (c99) Exploit		2023 \| 0
SSV-10545	2009-02-04		phpslash <= 0.8.1.1 Remote Code Execution Exploit		820 \| 0
SSV-10541	2009-02-04		RealVNC 4.1.2 (vncviewer.exe) RFB Protocol Remote Code Execution PoC		1695 \| 0
SSV-10546	2009-02-04		OpenHelpDesk 1.0.100 eval() Code Execution Exploit (meta)		721 \| 0
SSV-10523	2009-02-02		WOW - Web On Windows ActiveX Control 2 Remote Code Execution		940 \| 0
SSV-17820	2009-02-02		eVision CMS 2.0 Remote Code Execution Exploit		848 \| 0
SSV-17767	2009-01-25		MemHT Portal <= 4.0.1 (avatar) Remote Code Execution Exploit		802 \| 0
SSV-10476	2009-01-15		Oracle Secure Backup 10g exec_qr() Command Injection Vulnerability		1390 \| 0
SSV-4656	2009-01-12		Wordpress 2.7.0 admin remote code execution vulnerability		706 \| 0
SSV-10450	2009-01-12		fttss <= 2.0 Remote Command Execution Vulnerability		776 \| 0
SSV-10433	2009-01-09		XOOPS 2.3.2 (mydirname) Remote PHP Code Execution Exploit		1360 \| 0
SSV-10306	2008-12-23		RoundCube Webmail <= 0.2-3 beta Code Execution Vulnerability		1015 \| 0
SSV-10309	2008-12-23		RoundCube Webmail <= 0.2b Remote Code Execution Exploit		1011 \| 0
SSV-10266	2008-12-19		Phoenician Casino FlashAX ActiveX Remote Code Execution Exploit		1002 \| 0
SSV-10231	2008-12-13		SUMON <= 0.7.0 (chg.php host) Command Execution Vulnerability		896 \| 0
SSV-17616	2008-12-12		Moodle 1.9.3 Remote Code Execution Vulnerability		779 \| 0
SSV-17617	2008-12-12		VP-ASP Shopping Cart 6.50 Database Disclosure Vulnerability		845 \| 0
SSV-10200	2008-12-09		MG2 0.5.1 (filename) Remote Code Execution Vulnerability		821 \| 0
SSV-4501	2008-11-28		Vim多个插件字符转义任意命令执行漏洞		1129 \| 0
SSV-10086	2008-11-25		Goople Cms 1.7 Arbitrary Code Execution Vulnerability		853 \| 0
SSV-10082	2008-11-22		verlihub <= 0.9.8d-RC2 Remote Command Execution Vulnerability		856 \| 0
SSV-10080	2008-11-22		KVIrc 3.4.2 Shiny (uri handler) Remote Command Execution Exploit		852 \| 0
SSV-10057	2008-11-19		No-IP DUC <= 2.1.7 Remote Code Execution Exploit		968 \| 0
SSV-10044	2008-11-17		MS Windows Server Service Code Execution Exploit (MS08-067) (2k/2k3)		887 \| 0
SSV-17504	2008-11-14		Discuz! 6.x/7.x Remote Code Execution Exploit		1774 \| 0
SSV-10002	2008-11-11		FREEsimplePHPguestbook (guestbook.php) Remote Code Execution Vulnerability		957 \| 0
SSV-17495	2008-11-10		AJ Auction Authentication Bypass Vulnerability		750 \| 0
SSV-17494	2008-11-10		AJSquare Free Polling Script (DB) Multiple Vulnerabilities		787 \| 0
SSV-9985	2008-11-09		MemHT Portal <= 4.0 Remote Code Execution Exploit		913 \| 0
SSV-9948	2008-11-06		DFLabs PTK <= 1.0 Local Command Execution Vulnerability		823 \| 0
SSV-9941	2008-11-05		Simple Machines Forum (SMF) 1.1.6 Remote Code Execution Exploit		2007 \| 0
SSV-9856	2008-10-31		Opera 9.62 (opera:allinone) Remote Code Execution Exploit PoC		1455 \| 0
SSV-9855	2008-10-31		Opera 9.61 opera:historysearch Code Execution Exploit PoC		1282 \| 0
SSV-9838	2008-10-30		Sepal SPBOARD 4.5 (board.cgi) Remote Command Exec Vulnerability		887 \| 0
SSV-9835	2008-10-29		H2O-CMS <= 3.4 Remote Command Execution Exploit (mq = off)		784 \| 0
SSV-9813	2008-10-27		Ads Pro (dhtml.pl page) Remote Command Execution Exploit		816 \| 0
SSV-9815	2008-10-27		MS Windows Server Service Code Execution Exploit (MS08-067) (cn univ.)		1046 \| 0
SSV-9802	2008-10-25		MS Windows Server Service Code Execution PoC (MS08-067)		1161 \| 0
SSV-9741	2008-10-17		Mantis Bug Tracker <= 1.1.3 Remote Code Execution Exploit		863 \| 0
SSV-9727	2008-10-15		PhpWebGallery <= 1.7.2 Session Hijacking / Code Execution Exploit		881 \| 0
SSV-9716	2008-10-14		LokiCMS 0.3.4 writeconfig() Remote Command Execution Exploit		837 \| 0
SSV-9696	2008-10-09		Kusaba <= 1.0.4 Remote Code Execution Exploit		832 \| 0
SSV-17413	2008-10-09		Kusaba <= 1.0.4 Remote Code Execution Exploit #2		818 \| 0

1
...
16
17
18
19
20
21
22
23
24
25