漏洞分类 - 代码执行 - Code Execution - 知道创宇 Seebug 漏洞平台

漏洞分类 — 代码执行

英文名字: Code Execution

漏洞详情：: 代码执行漏洞是用户通过浏览器提交执行命令，由于服务器端没有针对执行函数做过滤，导致在没有指定绝对路径的情况下就执行命令，可能会允许攻击者通过改变 $PATH 或程序执行环境的其他方面来执行一个恶意构造的代码。

相关漏洞

SSV ID	提交时间	漏洞等级	漏洞名称	漏洞状态	人气 \| 评论
SSV-9652	2008-10-02		phpScheduleIt <= 1.2.10 (reserve.php) Remote Code Execution Exploit		872 \| 0
SSV-9611	2008-09-28		Yoxel <= 1.23beta (itpm_estimate.php a) Remote Code Execution Vuln		818 \| 0
SSV-9573	2008-09-25		Observer 0.3.2.1 Multiple Remote Command Execution Vulnerabilities		833 \| 0
SSV-9551	2008-09-24		Invision Power Board 2.* commands execution exploit by RST/GHC		1083 \| 0
SSV-9560	2008-09-24		WebPortal CMS <= 0.7.4 (code) Remote Code Execution Vulnerability		838 \| 0
SSV-9549	2008-09-22		TWiki <= 4.2.2 (action) Remote Code Execution Vulnerability		1451 \| 0
SSV-9537	2008-09-21		Advanced Electron Forum <= 1.0.6 Remote Code Execution Vulnerability		829 \| 0
SSV-9478	2008-09-12		minb 0.1.0 Remote Code Execution Exploit		764 \| 0
SSV-9423	2008-09-10		devalcms 1.4a XSS / Remote Code Execution Exploit		1135 \| 0
SSV-9415	2008-09-10		Moodle <= 1.8.4 Remote Code Execution Exploit		827 \| 0
SSV-9422	2008-09-10		AWStats Totals (awstatstotals.php sort) Remote Code Execution Exploit		1193 \| 0
SSV-9367	2008-08-27		Simple PHP Blog (SPHPBlog) <= 0.5.1 Code Execution Exploit		782 \| 0
SSV-9283	2008-08-11		IntelliTamper 2.07 HTTP Header Remote Code Execution Exploit		786 \| 0
SSV-9261	2008-08-09		Mozilla Firefox <= 1.0.4 "Set As Wallpaper" Code Execution Exploit		898 \| 0
SSV-9253	2008-08-07		LoveCMS 1.6.2 Final Remote Code Execution Exploit		785 \| 0
SSV-9252	2008-08-07		Multiple Wsn Products (LFI) Code Execution Vulnerability		769 \| 0
SSV-9243	2008-08-04		TGS CMS 0.3.2r2 Remote Code Execution Exploit		1015 \| 0
SSV-9225	2008-08-01		Coppermine Photo Gallery <= 1.4.18 LFI / Remote Code Execution Exploit		5016 \| 0
SSV-9223	2008-08-01		Symphony <= 1.7.01 (non-patched) Remote Code Execution Exploit		820 \| 0
SSV-9219	2008-07-31		Pligg <= 9.9.0 Remote Code Execution Exploit		13366 \| 0
SSV-9150	2008-07-23		IntelliTamper 2.07 (server header) Remote Code Execution Exploit		787 \| 0
SSV-9151	2008-07-23		IntelliTamper 2.07 (map file) Local Arbitrary Code Execution Exploit (pl)		861 \| 0
SSV-13190	2008-07-22		IntelliTamper 2.07 (server header) Remote Code Execution Exploit		768 \| 0
SSV-9131	2008-07-17		PHPizabi 0.848b C1 HFP1 Remote Code Execution Exploit		3843 \| 0
SSV-9031	2008-07-14		fuzzylime cms 3.01 (commrss.php) Remote Code Execution Exploit		909 \| 0
SSV-9025	2008-07-13		fuzzylime cms 3.01 (polladd.php poll) Remote Code Execution Exploit (pl)		888 \| 0
SSV-9024	2008-07-13		fuzzylime cms 3.01 (polladd.php poll) Remote Code Execution Exploit (php)		819 \| 0
SSV-9018	2008-07-12		Core Image Fun House <= 2.0 Arbitrary Code Execution PoC (OSX)		800 \| 0
SSV-9002	2008-07-09		Poppler <= 0.8.4 libpoppler uninitialized pointer Code Execution PoC		1672 \| 0
SSV-8988	2008-07-08		Neutrino 0.8.4 Atomic Edition Remote Code Execution Exploit		826 \| 0
SSV-8916	2008-07-06		fuzzylime (cms) 3.01 Remote Command Execution Exploit		840 \| 0
SSV-8893	2008-07-02		PHP-Nuke Platinium <= 7.6.b.5 Remote Code Execution Exploit		1268 \| 0
SSV-8717	2008-06-14		XChat <= 2.8.7b (URI Handler) Remote Code Execution Exploit (ie6/ie7)		1396 \| 0
SSV-8678	2008-06-06		Mozilla Firefox Install Method Remote Arbitrary Code Execution Exploit		905 \| 0
SSV-8679	2008-06-06		Mozilla Firefox view-source:javascript url Code Execution Exploit		873 \| 0
SSV-8656	2008-06-05		Webmin BruteForce and Command Execution Exploit		1608 \| 0
SSV-8663	2008-06-05		MS Windows 2000 WINS Remote Code Execution Exploit		813 \| 0
SSV-8662	2008-06-05		MS Internet Explorer Remote Code Execution with Parameters - PoC		926 \| 0
SSV-8641	2008-06-05		Icecast <= 2.0.1 Win32 Remote Code Execution Exploit (modded)		726 \| 0
SSV-8566	2008-06-04		1Book Guestbook Script Code Execution Vulnerability		999 \| 0
SSV-8497	2008-05-22		Alcatel OmniPCX Office 210/061.1 Remote Command Execution Vuln		894 \| 0
SSV-8419	2008-05-11		Open Office.org 2.31 swriter Local Code Execution Exploit		877 \| 0
SSV-17224	2008-05-02		ItCMS 1.9 (boxpop.php) Remote Code Execution Vulnerability		754 \| 0
SSV-17221	2008-04-30		OxYProject 0.85 (edithistory.php) Remote Code Execution Vulnerability		889 \| 0
SSV-8372	2008-04-24		YouTube Clone Script (spages.php) Remote Code Execution Exploit		771 \| 0
SSV-8327	2008-04-15		KwsPHP (Upload) Remote Code Execution Exploit		813 \| 0
SSV-8295	2008-04-09		FLABER <= 1.1 RC1 Remote Command Execution Exploit		795 \| 0
SSV-8269	2008-04-08		LinPHA <= 1.3.2 (maps plugin) Remote Command Execution Exploit		1387 \| 0
SSV-8287	2008-04-08		CDNetworks Nefficient Download (NeffyLauncher.dll) Code Execution Vulnerabilities		904 \| 0
SSV-8237	2008-04-02		Real Player rmoc3260.dll ActiveX Control Remote Code Execution Exploit		1296 \| 0
SSV-8195	2008-03-22		Microsoft Office Excel Code Execution Exploit (MS08-014)		1103 \| 0
SSV-8193	2008-03-21		CenterIM <= 4.22.3 Remote Command Execution Vulnerability		835 \| 0
SSV-17166	2008-03-11		Mapbender <= 2.4.4 (mapFiler.php) Remote Code Execution Vulnerability		787 \| 0
SSV-8101	2008-02-14		PacerCMS 0.6 (last_module) Remote Code Execution Vulnerability		790 \| 0
SSV-8102	2008-02-14		SAPID CMF Build 87 (last_module) Remote Code Execution Vulnerability		827 \| 0
SSV-17154	2008-02-09		Journalness <= 4.1 (last_module) Remote Code Execution exploit		818 \| 0
SSV-17153	2008-02-09		Open-Realty <= 2.4.3 (last_module) Remote Code Execution Exploit		1072 \| 0
SSV-8030	2008-01-31		Coppermine Photo Gallery 1.4.14 Remote Command Execution Exploit		1370 \| 0
SSV-8014	2008-01-30		Smart Publisher 1.0.1 (disp.php) Remote Code Execution Vulnerability		807 \| 0
SSV-7913	2008-01-25		Comodo AntiVirus 2.0 ExecuteStr() Remote Command Execution Exploit		779 \| 0
SSV-7906	2008-01-23		SetCMS 3.6.5 (setcms.org) Remote Command Execution Exploit		850 \| 0
SSV-7907	2008-01-23		YaBB SE <= 1.5.5 Remote Command Execution Exploit		1700 \| 0
SSV-7875	2008-01-18		AuraCMS 1.62 (stat.php) Remote Code Execution Exploit		1315 \| 0
SSV-7872	2008-01-17		MyBulletinBoard (MyBB) <= 1.2.10 Remote Code Execution Exploit		1189 \| 0
SSV-7824	2008-01-10		SAP MaxDB <= 7.6.03.07 pre-auth Remote Command Execution Exploit		1339 \| 0
SSV-7823	2008-01-10		Microsoft VFP_OLE_Server ActiveX Remote Command Execution		835 \| 0
SSV-7826	2008-01-10		Docebo <= 3.5.0.3 (lib.regset.php) Command Execution Exploit		904 \| 0
SSV-7825	2008-01-10		McAfee E-Business Server Remote pre-auth Code Execution / DoS PoC		951 \| 0
SSV-7813	2008-01-08		TUTOS 1.3 (cmd.php) Remote Command Execution Vulnerability		789 \| 0
SSV-7802	2008-01-07		LoudBlog <= 0.6.1 (parsedpage) Remote Code Execution Vulnerability		797 \| 0
SSV-7805	2008-01-07		CuteNews 1.1.1 (html.php) Remote Code Execution Vulnerability		846 \| 0
SSV-7757	2007-12-31		XCMS <= 1.83 Remote Command Execution Exploit		820 \| 0
SSV-7751	2007-12-30		jPORTAL 2.3.1 & UserPatch (forum.php) Remote Code Execution Exploit		1482 \| 0
SSV-7745	2007-12-28		xml2owl 0.1.1 showCode.php Remote Command Execution Vulnerability		841 \| 0
SSV-7732	2007-12-26		PMOS Help Desk <= 2.4 Remote Command Execution Exploit		801 \| 0
SSV-7713	2007-12-25		Mozilla Firefox 1.5 location.QueryInterface() Code Execution (osx)		859 \| 0
SSV-7691	2007-12-22		Shadowed Portal <= 5.7d3 Remote Command Execution Exploit		815 \| 0
SSV-7649	2007-12-19		RaidenHTTPD 2.0.19 (ulang) Remote Command Execution Exploit		797 \| 0
SSV-7628	2007-12-15		Anon Proxy Server 0.1000 Remote Command Execution Vulnerability		819 \| 0
SSV-7590	2007-12-12		HP Compaq Notebooks ActiveX Remote Code Execution Exploit		923 \| 0
SSV-7591	2007-12-12		SquirrelMail G/PGP Plugin deletekey() Command Injection Exploit		806 \| 0
SSV-7543	2007-12-04		Microsoft Excel Unspecified Remote Code Execution Exploit		1053 \| 0
SSV-7507	2007-11-25		PBLang <= 4.99.17.q Remote File Rewriting / Command Execution		831 \| 0
SSV-7496	2007-11-23		KB-Bestellsystem (kb_whois.cgi) Command Execution Vulnerability		814 \| 0
SSV-7494	2007-11-23		VigileCMS <= 1.8 Stealth Remote Command Execution Exploit		846 \| 0
SSV-7490	2007-11-21		Ucms <= 1.8 Backdoor Remote Command Execution Exploit		892 \| 0
SSV-7466	2007-11-11		Microsoft Internet Explorer TIF/TIFF Code Execution (MS07-055)		933 \| 0
SSV-7458	2007-11-07		JBC Explorer <= 7.20 RC 1 Remote Code Execution Exploit		908 \| 0
SSV-7444	2007-11-02		Scribe <= 0.2 Remote PHP Code Execution Vulnerability		744 \| 0
SSV-7432	2007-10-30		Kodak Image Viewer TIF/TIFF Code Execution Exploit PoC (MS07-055)		788 \| 0
SSV-7410	2007-10-24		Flatnuke 3 Remote Command Execution / Privilege Escalation		773 \| 0
SSV-7375	2007-10-13		TikiWiki <= 1.9.8 tiki-graph_formula.php Command Execution Exploit		1439 \| 0
SSV-17090	2007-10-09		LightBlog 8.4.1.1 Remote Code Execution Exploit		820 \| 0
SSV-2263	2007-10-03		Apple iPhone蓝牙任意代码执行漏洞		974 \| 0
SSV-7302	2007-09-22		CMS Made Simple 1.2 Remote Code Execution Vulnerability		1245 \| 0
SSV-7290	2007-09-19		Microsoft Visual Studio 6.0 (PDWizard.ocx) Remote Command Execution		1040 \| 0
SSV-7287	2007-09-19		Microsoft Visual Basic Enterprise Edition 6.0 SP6 Code Execution Exploit		806 \| 0
SSV-7285	2007-09-19		jetAudio 7.x ActiveX DownloadFromMusicStore() Code Execution Exploit		819 \| 0
SSV-7277	2007-09-18		Shop-Script FREE <= 2.0 Remote Command Execution Exploit		1448 \| 0
SSV-7258	2007-09-12		Microsoft Visual Studio 6.0 (PDWizard.ocx) Remote Command Execution		1231 \| 0

1
...
17
18
19
20
21
22
23
24
25