漏洞分类 - 代码执行 - Code Execution - Seebug 漏洞平台

漏洞分类 — 代码执行

英文名字: Code Execution

漏洞详情：: 代码执行漏洞是用户通过浏览器提交执行命令，由于服务器端没有针对执行函数做过滤，导致在没有指定绝对路径的情况下就执行命令，可能会允许攻击者通过改变 $PATH 或程序执行环境的其他方面来执行一个恶意构造的代码。

相关漏洞

SSV ID	提交时间	漏洞等级	漏洞名称	漏洞状态	人气 \| 评论
SSV-15922	2006-03-15		php iCalendar <= 2.21 (publish.ical.php) Remote Code Execution Exploit		951 \| 0
SSV-15919	2006-03-13		Simple PHP Blog <= 0.4.7.1 Remote Command Execution Exploit		907 \| 0
SSV-15914	2006-03-11		GuestBook Script <= 1.7 (include_files) Remote Code Execution Exploit		918 \| 0
SSV-15911	2006-03-10		Dropbear / OpenSSH Server (MAX_UNAUTH_CLIENTS) Denial of Service		1628 \| 0
SSV-15912	2006-03-10		Guppy <= 4.5.11 (Delete Databases) Remote Denial of Service Exploit		891 \| 0
SSV-15909	2006-03-09		Light Weight Calendar 1.x (date) Remote Code Execution Vulnerability		879 \| 0
SSV-15910	2006-03-09		JiRos Banner Experience 1.0 (Create Admin Bypass) Remote Exploit		930 \| 0
SSV-15904	2006-03-07		Limbo CMS <= 1.0.4.2 (ItemID) Remote Code Execution Exploit (meta)		969 \| 0
SSV-15896	2006-03-05		LibTiff 3.7.1 (BitsPerSample Tag) Local Buffer Overflow Exploit		898 \| 0
SSV-15895	2006-03-04		Fantastic News <= 2.1.2 (script_path) Remote Code Execution Exploit		882 \| 0
SSV-15888	2006-03-02		phpRPC Library <= 0.7 XML Data Decoding Remote Code Execution (2)		895 \| 0
SSV-15884	2006-03-01		Limbo CMS <= 1.0.4.2 (ItemID) Remote Code Execution Exploit		983 \| 0
SSV-15885	2006-03-01		phpRPC Library <= 0.7 XML Data Decoding Remote Code Execution		915 \| 0
SSV-15879	2006-02-26		4Images <= 1.7.1 (Local Inclusion) Remote Code Execution Exploit		1514 \| 0
SSV-15873	2006-02-25		iGENUS WebMail <= 2.0.2 (config_inc.php) Remote Code Execution Exploit		1014 \| 0
SSV-15868	2006-02-23		NOCC Webmail <= 1.0 (Local Inclusion) Remote Code Execution Exploit		1003 \| 0
SSV-15867	2006-02-22		Noahs Classifieds <= 1.3 (lowerTemplate) Remote Code Execution		863 \| 0
SSV-15860	2006-02-19		Admbook <= 1.2.2 (X-Forwarded-For) Remote Command Execution Exploit		941 \| 0
SSV-15858	2006-02-17		Gravity Board X <= 1.1 (csscontent) Remote Code Execution Exploit		883 \| 0
SSV-15859	2006-02-17		Coppermine Photo Gallery <= 1.4.3 Remote Commands Execution Exploit		1137 \| 0
SSV-15797	2005-12-20		PHPGedView <= 3.3.7 Arbitrary Remote Code Execution Exploit		883 \| 0
SSV-13620	2005-12-15		Watchfire AppScan QA 5.0.x Remote Code Execution Exploit PoC		940 \| 0
SSV-15791	2005-12-12		phpCOIN 1.2.2 (phpcoinsessid) SQL Inj / Remote Code Execution Exploit		913 \| 0
SSV-15786	2005-12-08		Website Baker <= 2.6.0 Login Bypass / Remote Code Execution Exploit		941 \| 0
SSV-15787	2005-12-08		SugarSuite Open Source <= 4.0beta Remote Code Execution Exploit (c)		882 \| 0
SSV-15782	2005-12-07		SugarSuite Open Source <= 4.0beta Remote Code Execution Exploit		901 \| 0
SSV-15710	2005-10-14		w-Agora <= 4.2.0 (quicklist.php) Remote Code Execution Exploit		926 \| 0
SSV-15683	2005-09-13		AzDGDatingLite <= 2.1.3 Remote Code Execution Exploit		982 \| 0
SSV-15677	2005-09-09		Class-1 Forum <= 0.24.4 Remote Code Execution Exploit		883 \| 0
SSV-15654	2005-08-10		Wordpress <= 1.5.1.3 Remote Code Execution eXploit (metasploit)		960 \| 0
SSV-15652	2005-08-09		Wordpress <= 1.5.1.3 Remote Code Execution 0-Day Exploit		1003 \| 0
SSV-15651	2005-08-08		Flatnuke <= 2.5.5 Remote Code Execution		850 \| 0
SSV-13656	2005-07-21		Intruder Client 1.00 Remote Command Execution & DoS Exploit		907 \| 0
SSV-13682	2005-04-19		MS Exchange Server Remote Code Execution Exploit (MS05-021)		1737 \| 0
SSV-15406	2004-12-05		phpBB v1.0.0 - 2.0.10 admin_cash.php remote exploit		1090 \| 0
SSV-13752	2004-10-06		Icecast <= 2.0.1 Win32 Remote Code Execution Exploit		959 \| 0
SSV-13765	2004-08-25		Winamp <= 5.04 Skin File (.wsz) Remote Code Execution Exploit		1455 \| 0
SSV-13831	2003-05-12		Snitz Forums 3.3.03 Remote Command Execution Exploit		1196 \| 0

1
...
20
21
22
23
24
25