CVE-2007-0704

PHP remote file inclusion vulnerability in install.php in Somery 0.4.6 allows remote attackers to execute arbitrary PHP code via a URL in the skindir parameter, a different vector than CVE-2006-4669. NOTE: the documentation says to remove install.php after installation.

Publication date: Sun, 04 Feb 2007 06:28:00 +0000

Cyber News related to CVE-2007-0704

CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
6 years ago

CVE-2007-0704 - PHP remote file inclusion vulnerability in install.php in Somery 0.4.6 allows remote attackers to execute arbitrary PHP code via a URL in the skindir parameter, a different vector than CVE-2006-4669. NOTE: the documentation says to remove ...
7 years ago

CVE-2019-0704 - An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0703, CVE-2019-0821. ...
4 years ago

CVE-2019-0821 - An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0703, CVE-2019-0704. ...
4 years ago

CVE-2019-0703 - An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0704, CVE-2019-0821. ...
4 years ago

CVE-2016-0704 - An oracle protection mechanism in the get_client_master_key function in s2_srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a overwrites incorrect MASTER-KEY bytes during ...
2 years ago

CVE-2021-0704 - In createNoCredentialsPermissionNotification and related functions of AccountManagerService.java, there is a possible way to retrieve accounts from the device without permissions due to a permissions bypass. This could lead to local information ...
3 years ago

CVE-1999-0704 - Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others. ...
16 years ago

CVE-2010-0704 - Cross-site scripting (XSS) vulnerability in the Portlet Palette in IBM WebSphere Portal 6.0.1.5 wp6015_008_01 allows remote attackers to inject arbitrary web script or HTML via the search field. ...
14 years ago

CVE-2013-0704 - Directory traversal vulnerability in the GREE application before 1.3.3 for Android allows remote attackers to obtain sensitive information via a crafted URL, which is not properly handled during interaction with other applications. ...
11 years ago

CVE-2014-0704 - The IGMP implementation on Cisco Wireless LAN Controller (WLC) devices 4.x, 5.x, 6.x, 7.0 before 7.0.250.0, 7.1, 7.2, and 7.3, when IGMPv3 Snooping is enabled, allows remote attackers to cause a denial of service (memory over-read and device restart) ...
10 years ago

CVE-2002-0704 - The Network Address Translation (NAT) capability for Netfilter ("iptables") 1.2.6a and earlier leaks translated IP addresses in ICMP error messages. ...
1 year ago

CVE-2015-0704 - Multiple cross-site request forgery (CSRF) vulnerabilities in API features in Cisco Unified MeetingPlace 8.6(1.9) allow remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCus95884. ...
8 years ago

CVE-2000-0704 - Buffer overflow in SGI Omron WorldView Wnn allows remote attackers to execute arbitrary commands via long JS_OPEN, JS_MKDIR, or JS_FILE_INFO commands. ...
7 years ago

CVE-2003-0704 - KisMAC before 0.05d trusts user-supplied variables when chown'ing files or directories, which allows local users to gain privileges via the $DRIVER_KEXT environment variable in (1) viha_driver.sh, (2) macjack_load.sh, (3) airojack_load.sh, (4) ...
7 years ago

CVE-2004-0704 - Unknown vulnerability in (1) duplicates.cgi and (2) buglist.cgi in Bugzilla 2.16.x before 2.16.6, 2.18 before 2.18rc1, when configured to hide products, allows remote attackers to view hidden products. ...
7 years ago

CVE-2006-0704 - iE Integrator 4.4.220114, when configured without a "bespoke error page" in acm.ini, allows remote attackers to obtain sensitive information via a URL that calls a non-existent .aspx script in the integrator/apps directory, which results in ...
7 years ago

CVE-2008-0704 - Unspecified vulnerability in the SSH server in HP OpenVMS TCP/IP Services on OpenVMS on the Alpha platform with 5.4 before ECO 7, and on the Integrity and Alpha platforms with 5.5 before ECO 3 and 5.6 before ECO 2, allows remote attackers to obtain ...
7 years ago

CVE-2009-0704 - SQL injection vulnerability in search.php in WSN Guest 1.23 allows remote attackers to execute arbitrary SQL commands via the search parameter in an advanced action. ...
7 years ago

CVE-2005-0704 - Buffer overflow in the Etheric dissector in Ethereal 0.10.7 through 0.10.9 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code. ...
7 years ago

CVE-2001-0704 - tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to discover the full path to the working directory via a URL with a template argument for a file that does not exist. ...
7 years ago

CVE-2011-0704 - 389 Directory Server 1.2.7.5, when built with mozldap, allows remote attackers to cause a denial of service (replica crash) by sending an empty modify request. ...
6 years ago

CVE-2018-0704 - Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 allows remote attackers to delete arbitrary files via Keitai Screen. ...
6 years ago

CVE-2017-0704 - A elevation of privilege vulnerability in the Android system ui. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-33059280. ...
5 years ago

CVE-2020-0704 - An elevation of privilege vulnerability exists when the Windows Wireless Network Manager improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Wireless Network ...
3 years ago

Latest Cyber News

CVE-2025-1193 - 1 day ago
CVE-2024-11621 - 1 day ago
CVE-2025-1147 - 1 day ago
CVE-2025-1148 - 1 day ago
CVE-2024-8684 - 1 day ago
CVE-2024-8685 - 1 day ago
CVE-2025-1175 - 1 day ago
CVE-2025-25247 - 1 day ago
CVE-2025-1099 - 1 day ago
CVE-2025-21684 - 2 days ago
CVE-2025-21685 - 2 days ago
CVE-2024-57949 - 2 days ago
CVE-2024-13440 - 2 days ago
CVE-2025-0169 - 2 days ago
CVE-2024-5183 - 2 days ago
CVE-2024-6909 - 2 days ago
CVE-2024-8377 - 2 days ago
CVE-2025-0316 - 2 days ago
CVE-2025-0517 - 2 days ago
CVE-2023-4927 - 2 days ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2025-1099 - 1 day ago
CVE-2025-25247 - 1 day ago
CVE-2024-8684 - 1 day ago
CVE-2024-8685 - 1 day ago
CVE-2025-1175 - 1 day ago
CVE-2024-11621 - 1 day ago
CVE-2025-1147 - 1 day ago
CVE-2025-1148 - 1 day ago
CVE-2025-1193 - 1 day ago
CVE-2025-1115 - 3 days ago
CVE-2025-1116 - 3 days ago
CVE-2024-13850 - 3 days ago
CVE-2025-1117 - 3 days ago
CVE-2024-54176 - 2 days ago
CVE-2023-4927 - 2 days ago
CVE-2024-5183 - 2 days ago
CVE-2024-6909 - 2 days ago
CVE-2024-8377 - 2 days ago
CVE-2025-0316 - 2 days ago
CVE-2025-0517 - 2 days ago