CVE-2007-0170

PHP remote file inclusion vulnerability in index.php in AllMyVisitors 0.4.0 allows remote attackers to execute arbitrary PHP code via a URL in the AMV_serverpath parameter.

Publication date: Thu, 11 Jan 2007 06:28:00 +0000


Cyber News related to CVE-2007-0170

CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
6 years ago
CVE-2007-0170 - PHP remote file inclusion vulnerability in index.php in AllMyVisitors 0.4.0 allows remote attackers to execute arbitrary PHP code via a URL in the AMV_serverpath parameter. ...
7 years ago
CVE-2006-0170 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0035. Reason: This candidate is a duplicate of CVE-2006-0035. Notes: All CVE users should reference CVE-2006-0035 instead of this candidate. All references and descriptions in ...
54 years ago Tenable.com
CVE-2011-2999 - Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird before 6.0, and SeaMonkey before 2.3 do not properly handle "location" as the name of a frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, ...
7 years ago
CVE-2022-0170 - peertube is vulnerable to Improper Access Control ...
2 years ago
CVE-2000-0170 - Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable. ...
16 years ago
CVE-2015-0170 - IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows local users to obtain sensitive information by reading cached data. ...
9 years ago
CVE-2002-0170 - Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration. ...
8 years ago
CVE-2003-0170 - Unknown vulnerability in ftpd in IBM AIX 5.2, when configured to use Kerberos 5 for authentication, allows remote attackers to gain privileges via unknown attack vectors. ...
7 years ago
CVE-2014-0170 - Teiid before 8.4.3 and before 8.7 and Red Hat JBoss Data Virtualization 6.0.0 before patch 3 allows remote attackers to read arbitrary files via a crafted request to a REST endpoint, related to an XML External Entity (XXE) issue. <a ...
7 years ago
CVE-2010-0170 - Mozilla Firefox 3.6 before 3.6.2 does not offer plugins the expected window.location protection mechanism, which might allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors that are ...
7 years ago
CVE-2011-0170 - Heap-based buffer overflow in ImageIO in CoreGraphics in Apple iTunes before 10.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted International Color Consortium (ICC) profile ...
7 years ago
CVE-2017-0170 - Windows Performance Monitor in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an information disclosure vulnerability ...
7 years ago
CVE-2001-0170 - glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files. ...
7 years ago
CVE-2016-0170 - GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted ...
6 years ago
CVE-2009-0170 - Sun Java System Access Manager 6.3 2005Q1, 7 2005Q4, and 7.1 allows remote authenticated users with console privileges to discover passwords, and obtain unspecified other "access to resources," by visiting the Configuration Items component in ...
6 years ago
CVE-2019-0170 - Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access. ...
5 years ago
CVE-2018-0170 - A vulnerability in the Cisco Umbrella Integration feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition, related to the OpenDNS software. The vulnerability is due to a logic ...
4 years ago
CVE-2020-0170 - In IMY_Event of eas_imelody.c, there is possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: ...
3 years ago
CVE-2012-0170 - Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnReadyStateChange Remote Code Execution Vulnerability." ...
3 years ago
CVE-2021-0170 - Exposure of Sensitive Information to an Unauthorized Actor in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow an authenticated user to potentially enable ...
2 years ago
CVE-1999-0170 - Remote attackers can mount an NFS file system in Ultrix or OSF, even if it is denied on the access list. ...
2 years ago
CVE-2021-41000 - Multiple authenticated remote code execution vulnerabilities were discovered in the AOS-CX command line interface in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, ...
2 years ago
CVE-2021-41002 - Multiple authenticated remote path traversal vulnerabilities were discovered in the AOS-CX command line interface in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, ...
2 years ago
CVE-2021-41003 - Multiple unauthenticated command injection vulnerabilities were discovered in the AOS-CX API interface in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 ...
2 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)