漏洞分类 - 代码执行 - Code Execution - 知道创宇 Seebug 漏洞平台

漏洞分类 — 代码执行

英文名字: Code Execution

漏洞详情：: 代码执行漏洞是用户通过浏览器提交执行命令，由于服务器端没有针对执行函数做过滤，导致在没有指定绝对路径的情况下就执行命令，可能会允许攻击者通过改变 $PATH 或程序执行环境的其他方面来执行一个恶意构造的代码。

相关漏洞

SSV ID	提交时间	漏洞等级	漏洞名称	漏洞状态	人气 \| 评论
SSV-2147	2007-08-21		联想Automated Solutions ActiveX控件多个安全漏洞		1132 \| 0
SSV-7133	2007-08-11		Microsoft DXMedia SDK 6 (SourceUrl) ActiveX Remote Code Execution		804 \| 0
SSV-7132	2007-08-10		Php Blue Dragon CMS 3.0.0 Remote Code Execution Exploit		999 \| 0
SSV-7097	2007-07-31		VMware Inc 6.0.0 CreateProcess Remote Code Execution Exploit		1348 \| 0
SSV-7088	2007-07-28		mlsrvx.dll 1.8.9.1 ArGoSoft Mail Server Data Write/Remote Code Execution		788 \| 0
SSV-7090	2007-07-28		Entertainment CMS (Local Inclusion) Remote Command Execution Exploit		782 \| 0
SSV-7075	2007-07-23		Joomla! CMS 1.5 beta 2 (search) Remote Code Execution Vulnerability		1239 \| 0
SSV-17053	2007-07-22		Joomla! CMS 1.5 beta 2 (search) Remote Code Execution Vulnerability		840 \| 0
SSV-7054	2007-07-19		Flash Player/Plugin Video file parsing Remote Code Execution POC		948 \| 0
SSV-7040	2007-07-12		SquirrelMail G/PGP Encryption Plug-in 2.0 Command Execution Vuln		907 \| 0
SSV-7013	2007-07-05		Pluxml 0.3.1 Remote Code Execution Exploit		801 \| 0
SSV-17044	2007-07-05		AsteriDex <= 3.0 Remote (callboth.php) Remote Code Execution Exploit		1044 \| 0
SSV-7007	2007-07-04		MyCMS <= 0.9.8 Remote Command Execution Exploit (2 method)		786 \| 0
SSV-7008	2007-07-04		MyCMS <= 0.9.8 Remote Command Execution Exploit		842 \| 0
SSV-6958	2007-06-22		BitchX 1.1-final (EXEC) Remote Command Execution Exploit		886 \| 0
SSV-17037	2007-06-19		Jasmine CMS 1.0 SQL Injection/Remote Code Execution Exploit		810 \| 0
SSV-6937	2007-06-13		Safari 3 for Windows Beta Remote Command Execution PoC		826 \| 0
SSV-6932	2007-06-12		Link Request Contact Form 3.4 Remote Code Execution Vulnerability		782 \| 0
SSV-17034	2007-06-08		e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit		987 \| 0
SSV-17032	2007-06-06		PBLang <= 4.67.16.a Remote Code Execution Exploit		764 \| 0
SSV-17031	2007-06-04		Sendcard <= 3.4.1 (Local File Inclusion) Remote Code Execution Exploit		844 \| 0
SSV-17030	2007-06-02		Quick.Cart <= 2.2 RFI/LFI Remote Code Execution Exploit		827 \| 0
SSV-17028	2007-05-29		Pheap 2.0 Admin Bypass / Remote Code Execution Exploit		895 \| 0
SSV-17027	2007-05-29		Inout Search Engine (all version) Remote Code Execution Exploit		813 \| 0
SSV-17024	2007-05-28		Vistered Little 1.6a (skin) Remote File Disclosure Vulnerability		775 \| 0
SSV-17025	2007-05-28		WAnewsletter <= 2.1.3 Remote File Inclusion Vulnerability		823 \| 0
SSV-17023	2007-05-27		Fundanemt <= 2.2.0 (spellcheck.php) Remote Code Execution Exploit		854 \| 0
SSV-17019	2007-05-25		gCards <= 1.46 SQL Injection/Remote Code Execution Exploit		852 \| 0
SSV-6854	2007-05-24		NavBoard 2.6.0 Remote Code Execution Exploit		774 \| 0
SSV-17016	2007-05-20		AlstraSoft Template Seller Pro <= 3.25 Remote Code Execution Exploit		827 \| 0
SSV-6794	2007-05-12		Monalbum 0.8.7 Remote Code Execution Exploit		821 \| 0
SSV-6761	2007-05-06		Nuked-klaN 1.7.6 Remote Code Execution Exploit		825 \| 0
SSV-6751	2007-05-05		Net Portal Dynamic System (NPDS) 5.10 Remote Code Execution (2)		814 \| 0
SSV-6724	2007-05-04		Winamp <= 5.34 .MP4 File Code Execution Exploit		1310 \| 0
SSV-17000	2007-05-04		Net Portal Dynamic System (NPDS) <= 5.10 Remote Code Execution (2)		1017 \| 0
SSV-6737	2007-05-04		YaPIG 0.95b Remote Code Execution Exploit		1831 \| 0
SSV-6678	2007-04-23		Maran PHP Forum (forum_write.php) Remote Code Execution Vulnerability		728 \| 0
SSV-6662	2007-04-19		Mozzers SubSystem final (subs.php) Remote Code Execution Vulnerability		767 \| 0
SSV-6663	2007-04-19		AimStats 3.2 (process.php update) Remote Code Execution Exploit		836 \| 0
SSV-6657	2007-04-18		MiniGal b13 (image backdoor) Remote Code Execution Exploit		794 \| 0
SSV-6636	2007-04-17		VCDGear <= 3.56 Build 050213 (FILE) Local Code Execution Exploit		757 \| 0
SSV-6638	2007-04-17		PunBB 1.2.14 Remote Code Execution Exploit		1239 \| 0
SSV-6617	2007-04-15		LS simple guestbook (v1) Remote Code Execution Vulnerability		870 \| 0
SSV-6624	2007-04-15		Chatness 2.5.3 (options.php/save.php) Remote Code Execution Exploit		967 \| 0
SSV-16988	2007-04-12		Chatness <= 2.5.3 (options.php/save.php) Remote Code Execution Exploit		830 \| 0
SSV-16979	2007-04-11		PunBB <= 1.2.14 Remote Code Execution Exploit		1429 \| 0
SSV-16968	2007-04-10		HIOX GUEST BOOK (HGB) 4.0 Remote Code Execution Vulnerability		929 \| 0
SSV-6595	2007-04-07		AOL SuperBuddy ActiveX Control Remote Code Execution Exploit (meta)		1508 \| 0
SSV-6578	2007-04-04		MyBulletinBoard (MyBB) <= 1.2.3 Remote Code Execution Exploit		1319 \| 0
SSV-6559	2007-04-02		JC URLshrink 1.3.1 Remote Code Execution Vulnerability		752 \| 0
SSV-16935	2007-03-26		IceBB 1.0-rc5 Remote Code Execution Exploit		857 \| 0
SSV-16936	2007-03-26		C-Arbre <= 0.6PR7 (root_path) Remote File Inclusion Vulnerability		830 \| 0
SSV-16933	2007-03-25		PBlang 4.66z Remote Code Execution Exploit		794 \| 0
SSV-6414	2007-03-19		Net Portal Dynamic System (NPDS) <= 5.10 Remote Code Execution		784 \| 0
SSV-16906	2007-03-14		Dayfox Blog 4 (postpost.php) Remote Code Execution Vulnerability		770 \| 0
SSV-6330	2007-03-08		PHP < 4.4.5 / 5.2.1 (shmop Functions) Local Code Execution Exploit		1013 \| 0
SSV-6316	2007-03-08		Flat Chat 2.0 (include online.txt) Remote Code Execution Vulnerability		816 \| 0
SSV-6290	2007-03-04		webSPELL <= 4.01.02 Remote PHP Code Execution Exploit		1533 \| 0
SSV-6197	2007-02-16		Drupal < 5.1 (post comments) Remote Command Execution Exploit v2		1419 \| 0
SSV-6198	2007-02-16		Drupal < 4.7.6 (post comments) Remote Command Execution Exploit v2		1419 \| 0
SSV-6187	2007-02-14		Advanced Poll <= 2.0.5-dev Remote Code Execution Exploit		919 \| 0
SSV-16846	2007-02-13		Advanced Poll <= 2.0.5-dev Remote Code Execution Exploit		877 \| 0
SSV-6178	2007-02-11		GGCMS <= v1.1.0 RC1 Remote Auto Deface Exploit / Remote Code Execution Exploit		879 \| 0
SSV-6177	2007-02-11		KGB <= 1.9 Remote Code Execution Exploit		849 \| 0
SSV-6150	2007-02-07		Alibaba Alipay (Remove ActiveX) Remote Code Execution Exploit		907 \| 0
SSV-6146	2007-02-07		Microsoft Word 2000 Unspecified Code Execution Exploit (0day)		1161 \| 0
SSV-6140	2007-02-06		GGCMS <= 1.1.0 RC1 Remote Code Execution Exploit		937 \| 0
SSV-6124	2007-02-04		Microsoft Word 2000 Unspecified Code Execution Exploit (0day)		979 \| 0
SSV-6119	2007-02-03		F3Site <= 2.1 Remote Code Execution Exploit		842 \| 0
SSV-6086	2007-01-30		GuppY <= 4.5.16 Remote Commands Execution Exploit		822 \| 0
SSV-6052	2007-01-24		Vote-Pro 4.0 (poll_frame.php poll_id) Remote Code Execution Exploit		844 \| 0
SSV-5992	2007-01-13		sNews <= 1.5.30 Remote Reset Admin Pass / Command Exec Exploit		916 \| 0
SSV-5973	2007-01-10		@lex Guestbook <= 4.0.2 Remote Command Execution Exploit		1051 \| 0
SSV-1088	2007-01-04		WinZip FileView ActiveX控件CreateNewFolderFromName方法缓冲区溢出漏洞		1212 \| 0
SSV-5934	2007-01-01		MDForum <= 2.0.1 (PNSVlang) Remote Code Execution Exploit		820 \| 0
SSV-5936	2007-01-01		WebText <= 0.4.5.2 Remote Code Execution Exploit		818 \| 0
SSV-5900	2006-12-27		PHP-Update <= 2.7 (admin/uploads.php) Remote Code Execution Exploit		830 \| 0
SSV-5882	2006-12-26		logahead UNU edition 1.0 Remote Upload File / Code Execution Vuln		844 \| 0
SSV-5878	2006-12-25		Ultimate PHP Board <= 2.0b1 (chat/login.php) Code Execution Exploit		934 \| 0
SSV-998	2006-12-20		Intel 2200BG W29N51.SYS驱动信标帧远程执行代码漏洞		868 \| 0
SSV-5851	2006-12-20		Oracle <= 9i / 10g (extproc) Local/Remote Command Execution Exploit		961 \| 0
SSV-5833	2006-12-17		extreme-fusion <= 4.02 Remote Code Execution Exploit		940 \| 0
SSV-16784	2006-12-16		Bandwebsite <= 1.5 (Login) Remote Add Admin Exploit		881 \| 0
SSV-16785	2006-12-16		mxBB Module Meeting <= 1.1.2 Remote FileInclusion Vulnerability		886 \| 0
SSV-5823	2006-12-14		MS Internet Explorer 7 (DLL-load hijacking) Code Execution Exploit PoC		864 \| 0
SSV-5819	2006-12-13		phpAlbum <= v0.4.1 Beta6 Remote Code Execution Exploit		853 \| 0
SSV-5818	2006-12-13		Microsoft Word Document Code Execution Proof of Concept		1103 \| 0
SSV-5807	2006-12-11		TorrentFlux 2.2 Command Execution Exploit		1456 \| 0
SSV-5808	2006-12-11		TorrentFlux 2.2 Database Credentials Exposure Exploit		1452 \| 0
SSV-5793	2006-12-09		MamboServerCache_library远程任意命令执行漏洞 Exploit		1218 \| 0
SSV-5781	2006-12-08		phpBBHTTP应答分割攻击及跨站脚本执行漏洞 Exploit		1168 \| 0
SSV-5782	2006-12-08		phpBB多个跨站脚本执行漏洞 Exploit		1120 \| 0
SSV-5773	2006-12-08		GoScript远程任意命令执行漏洞 Exploit		892 \| 0
SSV-5774	2006-12-08		FlatNuke用户数据任意PHP代码执行漏洞 Exploit		873 \| 0
SSV-5733	2006-12-06		XMB <= 1.9.6 Final basename() Remote Command Execution Exploit		1376 \| 0
SSV-5730	2006-12-06		SAPID CMS <= 1.2.3_rc3 (rootpath) Remote Code Execution Exploit		817 \| 0
SSV-5674	2006-12-05		TWiki <= 4.0.4 (configure) Remote Command Execution Exploit		1429 \| 0
SSV-5683	2006-12-05		RoarSmithinfo2www远程执行任意命令漏洞 Exploit		877 \| 0
SSV-5682	2006-12-05		AnyForm脚本远程可执行任意命令漏洞 Exploit		1012 \| 0
SSV-5667	2006-12-05		Envolution <= 1.1.0 (PNSVlang) Remote Code Execution Exploit		859 \| 0

1
...
18
19
20
21
22
23
24
25