漏洞分类 — 代码执行

英文名字
Code Execution
漏洞详情:
代码执行漏洞是用户通过浏览器提交执行命令,由于服务器端没有针对执行函数做过滤,导致在没有指定绝对路径的情况下就执行命令,可能会允许攻击者通过改变 $PATH 或程序执行环境的其他方面来执行一个恶意构造的代码。

相关漏洞

SSV ID 漏洞名称
SSV-5684 MattWrighttextcounter.pl远程执行命令漏洞 Exploit
SSV-5643 PHPGraphy 0.9.12 Privilege Escalation / Commands Execution Exploit
SSV-16757 PHP Easy Downloader <= 1.5 (save.php) Remote Code Execution Exploit
SSV-5542 Links 1.00pre12 (smbclient) Remote Code Execution Exploit
SSV-5497 iWare Pro <= 5.0.4 (chat_panel.php) Remote Code Execution Vulnerability
SSV-403 Fenestrae Faxination Server远程代码执行漏洞
SSV-5469 PostNuke <= 0.763 (PNSV lang) Remote Code Execution Exploit
SSV-398 Intel PRO/Wireless网络连接驱动远程代码执行漏洞
SSV-387 Mcafee SecurityCenter远程命令执行漏洞
SSV-5463 Innovate Portal <= 2.0 (acp.php) Remote Code Execution Exploit
SSV-5446 Nitrotech 0.0.3a (includes/common.php) Remote Code Execution Exploit
SSV-345 PHP ZendEngine ECalloc 整数溢出漏洞
SSV-5427 phpPowerCards 2.10 (txt.inc.php) Remote Code Execution Vulnerability
SSV-5428 PHP-Post <= 1.01 (template) Remote Code Execution Exploit
SSV-5255 JaxUltraBB <= 2.0 Topic Reply Command Execution Exploit
SSV-78 SoftBB多个远程代码执行及信息泄露漏洞
SSV-5225 Mozilla Firefox Javascript Navigator Object Remote Code Execution Vulnerability
SSV-5206 Snitz Forum 3.3.03 Remote Command Execution Exploit
SSV-5210 mnoGoSearch 3.1.20 Remote Command Execution Exploit
SSV-5205 Kerio Personal Firewall 2.1.4 Remote Code Execution Exploit
SSV-5234 RaidenHTTPD 1.1.49 (SoftParserFileXml) Remote Code Execution Exploit
SSV-5229 Microsoft Windows Hyperlink Object Library Remote Code Execution(MS06-050)
SSV-16694 WSN Forum <= 1.3.4 (prestart.php) Remote Code Execution Exploit
SSV-16686 Boonex Dolphin <= 5.2 index.php Remote Code Execution Exploit
SSV-16684 Comdev One Admin 4.1 adminfoot.php Remote Code Execution Exploit
SSV-16573 KGB 1.87 (Local Inclusion) Remote Code Execution Exploit
SSV-16504 Limbo CMS <= 1.0.4.2L (com_contact) Remote Code Execution Exploit
SSV-16472 CCleague Pro <= 1.0.1RC1 (Cookie) Remote Code Execution Exploit
SSV-16463 DokuWiki <= 2006-03-09b (dwpage.php) Remote Code Execution Exploit
SSV-16464 DokuWiki <= 2006-03-09b (dwpage.php) System Disclosure Exploit
SSV-16453 PhpCommander <= 3.0 (upload) Remote Code Execution Exploit
SSV-16443 SoftBB 0.1 (cmd) Remote Command Execution Exploit
SSV-16441 pHNews <= alpha 1 (templates_dir) Remote Code Execution Exploit
SSV-16442 PHP Proxima <= v.6 completepack Remote Code Execution Exploit
SSV-16422 MiniBill <= 1.22b config[plugin_dir] Remote File Inclusion Vulnerabilities
SSV-13560 IBM eGatherer <= 3.20.0284.0 (ActiveX) Remote Code Execution Exploit
SSV-16421 PortailPHP mod_phpalbum <= 2.1.5 (chemin) Remote Include Vuln
SSV-16420 phpGroupWare <= 0.9.16.010 GLOBALS[] Remote Code Execution Exploit
SSV-16418 e107 <= 0.75 (GLOBALS Overwrite) Remote Code Execution Exploit
SSV-16419 Web3news <= 0.95 (PHPSECURITYADMIN_PATH) Remote Include Vuln
SSV-16413 iziContents <= RC6 GLOBALS[] Remote Code Execution Exploit
SSV-13566 Internet Explorer (MDAC) Remote Code Execution Exploit (MS06-014) (2)
SSV-16347 Kayako eSupport <= 2.3.1 (subd) Remote File Inclusion Vulnerability
SSV-16343 TWiki <= 4.0.4 (Configure Script) Remote Code Execution Exploit (meta)
SSV-16345 SaveWeb Portal <= 3.4 (SITE_Path) Remote File Inclusion Vulnerabilities
SSV-16344 Mac OS X <= 10.3.8 (CF_CHARSET_PATH) Local BOF Exploit (2)
SSV-16348 TSEP <= 0.942 (colorswitch.php) Remote Inclusion Vulnerability
SSV-16346 TinyPHP Forum <= 3.6 (makeadmin) Remote Admin Maker Exploit
SSV-16252 Pivot <= 1.30 RC2 Privileges Escalation/Remote Code Execution Exploit
SSV-16236 GeekLog <= 1.4.0sr3 f(u)ckeditor Remote Code Execution Exploit
SSV-16191 MyBulletinBoard (MyBB) < 1.1.3 Remote Code Execution Exploit
SSV-16176 MailEnable Enterprise <= 2.0 (ASP Version) Multiple Vulnerabilities
SSV-16175 Guestex Guestbook 1.00 (email) Remote Code Execution Exploit
SSV-16162 Claroline <= 1.7.6 (includePath) Remote Code Execution Exploit
SSV-16161 SCart 2.0 (page) Remote Code Execution Exploit
SSV-16143 TinyPHP Forum <= 3.6 (profile.php) Remote Code Execution Exploit
SSV-16096 phpListPro <= 2.0.1 (Language) Remote Code Execution Exploit
SSV-16058 HiveMail <= 1.3 (addressbook.add.php) Remote Code Execution Exploit
SSV-16037 Aardvark Topsites PHP <= 4.2.2 (path) Remote File Inclusion Vuln
SSV-16038 phpMyAgenda <= 3.0 Final (rootagenda) Remote Include Vulnerability
SSV-16039 Aardvark Topsites PHP <= 4.2.2 (lostpw.php) Remote Include Exploit
SSV-16036 Limbo CMS <= 1.0.4.2 (sql.php) Remote File Inclusion Vulnerability
SSV-16035 Knowledge Base Mod <= 2.0.2 (phpBB) Remote Inclusion Vulnerability
SSV-16033 Invision Power Board <= 2.1.5 search.php Remote Code Execution Exploit
SSV-16034 OpenPHPNuke <= 2.3.3 Remote File Inclusion Vulnerability
SSV-16027 Invision Power Board <= 2.1.5 (lastdate) Remote Code Execution Exploit
SSV-16014 My Gaming Ladder Combo System <= 7.0 Remote Code Execution Exploit
SSV-16008 RechnungsZentrale V2 <= 1.1.3 Remote Inclusion Vulnerability
SSV-16007 Mambo <= 4.5.3 Joomla <=1.0.7 (feed) Denial of Service Exploit
SSV-16006 PCPIN Chat <= 5.0.4 (login/language) Remote Code Execution Exploit
SSV-16005 PHP Net Tools <= 2.7.1 Remote Code Execution Exploit
SSV-15996 PHP Album <= 0.3.2.3 Remote Command Execution Exploit
SSV-15993 phpWebSite <= 0.10.2 (hub_dir) Remote Commands Execution Exploit
SSV-15995 SysInfo 1.21 (sysinfo.cgi) Remote Command Execution Exploit
SSV-15994 osCommerce <= 2.2 (extras) Source Code Disclosure Vulnerability
SSV-15989 Censtore <= 7.3.x (censtore.cgi) Remote Command Execution Exploit
SSV-15988 vBulletin ImpEx <= 1.74 Remote Command Execution Exploit
SSV-15991 panic-reloaded TCP Denial of Service Tool
SSV-15992 PAJAX <= 0.5.1 Remote Code Execution Exploit
SSV-15990 quizz <= 1.01 (quizz.pl) Remote Command Execution Exploit
SSV-15986 PHP121 Instant Messenger <= 1.4 Remote Code Execution Exploit
SSV-15982 phpBB <= 2.0.19 (user_sig_bbcode_uid) Remote Code Execution Exploit
SSV-15981 Horde <= 3.0.9 3.1.0 (Help Viewer) Remote Code Execution (metasploit)
SSV-15980 PHPList <= 2.10.2 GLOBALS[] Remote Code Execution Exploit
SSV-15974 ADODB < 4.70 (tmssql.php) Denial of Service Vulnerability
SSV-15973 Horde Help Viewer <= 3.1 Remote Command Execution Exploit
SSV-15972 phpMyChat 0.15.0dev (SYS enter) Remote Code Execution Exploit
SSV-15971 phpMyChat <= 0.14.5 (SYS enter) Remote Code Execution Exploit
SSV-15970 Crafty Syntax Image Gallery <= 3.1g Remote Code Execution Exploit
SSV-15961 ReloadCMS <= 1.2.5 Cross Site Scripting / Remote Code Execution Exploit
SSV-15962 VWar 1.5.0 R12 Remote File Inclusion Exploit
SSV-15958 Claroline <= 1.7.4 (scormExport.inc.php) Remote Code Execution Exploit
SSV-15949 Aztek Forum 4.00 (myadmin.php) User Privilege Escalation Exploit
SSV-15941 WebAlbum <= 2.02pl COOKIE[skin2] Remote Code Execution Exploit
SSV-13592 MS Internet Explorer (createTextRang) Remote Code Execution Exploit
SSV-15935 FreeWPS <= 2.11 (images.php) Remote Code Execution Exploit
SSV-15924 Nodez <= 4.6.1.1 Mercury Multiple Remote Vulnerabilities
SSV-15926 ShoutLIVE <= 1.1.0 (savesettings.php) Remote Code Execution Exploit
SSV-15921 php iCalendar <= 2.21 (Cookie) Remote Code Execution Exploit
SSV-15922 php iCalendar <= 2.21 (publish.ical.php) Remote Code Execution Exploit
京ICP备10040895号 京公网安备 11010502034610号 Copyright @ 404 Team from Knownsec. English