CVE-2007-4605

PHP remote file inclusion vulnerability in convert/mvcw.php in Virtual War (VWar) 1.5.0 R15 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the vwar_root parameter, a different vector than CVE-2006-1503, CVE-2006-1636, and CVE-2006-1747.

Publication date: Fri, 31 Aug 2007 05:17:00 +0000

Cyber News related to CVE-2007-4605

CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
6 years ago

CVE-2007-4605 - PHP remote file inclusion vulnerability in convert/mvcw.php in Virtual War (VWar) 1.5.0 R15 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the vwar_root parameter, a different vector than CVE-2006-1503, CVE-2006-1636, ...
7 years ago

CVE-2009-4605 - scripts/setup.php (aka the setup script) in phpMyAdmin 2.11.x before 2.11.10 calls the unserialize function on the values of the (1) configuration and (2) v[0] parameters, which might allow remote attackers to conduct cross-site request forgery ...
1 year ago

CVE-2014-4605 - Cross-site scripting (XSS) vulnerability in cal/test.php in the ZdStatistics (zdstats) plugin 2.0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the lang parameter. ...
10 years ago

CVE-2012-4605 - The default configuration of the SMTP component in Websense Email Security 6.1 through 7.3 enables weak SSL ciphers in the "SurfControl plc\SuperScout Email Filter\SMTP" registry key, which makes it easier for remote attackers to obtain ...
7 years ago

CVE-2016-4605 - Calendar in Apple iOS before 9.3.3 allows remote attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted invitation. ...
7 years ago

CVE-2008-4605 - SQL injection vulnerability in CafeEngine allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) dish.php and (2) menu.php. ...
7 years ago

CVE-2006-4605 - PHP remote file inclusion vulnerability in index.php in Longino Jacome php-Revista 1.1.2 allows remote attackers to execute arbitrary PHP code via the adodb parameter. ...
6 years ago

CVE-2015-4605 - The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, which allows remote attackers to cause a denial of ...
1 year ago

CVE-2022-4605 - Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3. ...
2 years ago

CVE-2011-4605 - The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4.3.0 CP10 and 5.1.2, Web Platform 5.1.2, SOA Platform 4.2.0.CP05 and 4.3.0.CP05, Portal Platform 4.3 CP07 and 5.2.x before ...
1 year ago

CVE-2005-4605 - The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in which a signed value is added to an unsigned value. ...
1 year ago

CVE-2010-4605 - Unspecified vulnerability in the backup-archive client in IBM Tivoli Storage Manager (TSM) 5.3.x before 5.3.6.10, 5.4.x before 5.4.3.4, 5.5.x before 5.5.3, 6.1.x before 6.1.4, and 6.2.x before 6.2.2 on Unix and Linux allows local users to overwrite ...
1 year ago

CVE-2018-4605 - ** REJECT ** This candidate is unused by its CNA. ...
1 year ago

CVE-2017-4605 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
54 years ago Tenable.com

CVE-2023-4605 - A valid authenticated Lenovo XClarity Administrator (LXCA) user can potentially leverage an unauthenticated API endpoint to retrieve system event information. ...
8 months ago Tenable.com

CVE-2024-4605 - The Breakdance plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.7.1 via post meta data. This is due to the plugin storing custom data in metadata without an underscore prefix. This makes it possible ...
7 months ago Tenable.com

CVE-2021-47395 - In the Linux kernel, the following vulnerability has been resolved: mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap Limit max values for vht mcs and nss in ieee80211_parse_tx_radiotap routine in order to fix the following warning ...
7 months ago Tenable.com

CVE-2013-6078 - The default configuration of EMC RSA BSAFE Toolkits and RSA Data Protection Manager (DPM) 20130918 uses the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm, which makes it easier for context-dependent attackers to ...
10 years ago

CVE-2016-0012 - Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, ...
6 years ago

CVE-2011-1892 - Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management ...
6 years ago

CVE-2015-0085 - Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold and SP1, Word 2013 Gold and SP1, Office 2013 RT Gold ...
6 years ago

CVE-2007-4246 - Unspecified vulnerability, possibly a buffer overflow, in Justsystem Ichitaro 2007 and earlier allows remote attackers to execute arbitrary code via a modified document, as actively exploited in August 2007 by malware such as Tarodrop.D (Tarodrop.Q), ...
7 years ago

CVE-2007-0222 - Directory traversal vulnerability in the EmChartBean server side component for Oracle Application Server 10g allows remote attackers to read arbitrary files via unknown vectors, probably "\.." sequences in the beanId parameter. NOTE: this is ...
6 years ago

CVE-2007-2135 - The ADI_BINARY component in the Oracle E-Business Suite allows remote attackers to download arbitrary documents from the APPS.FND_DOCUMENTS table via the ADI_DISPLAY_REPORT function, when passed a certain parameter. NOTE: due to lack of details from ...
6 years ago

Latest Cyber News

CVE-2024-54774 - 8 hours ago
CVE-2024-54775 - 8 hours ago
CVE-2024-50714 - 8 hours ago
CVE-2024-50716 - 9 hours ago
CVE-2024-50717 - 9 hours ago
CVE-2024-50713 - 9 hours ago
CVE-2024-50715 - 9 hours ago
CVE-2024-39025 - 10 hours ago
CVE-2024-54450 - 10 hours ago
CVE-2024-54451 - 10 hours ago
CVE-2024-54452 - 10 hours ago
CVE-2024-54453 - 10 hours ago
CVE-2024-54454 - 10 hours ago
CVE-2024-56732 - 10 hours ago
CVE-2024-12991 - 10 hours ago
CVE-2024-53476 - 11 hours ago
CVE-2024-50944 - 11 hours ago
CVE-2024-50945 - 11 hours ago
CVE-2024-12990 - 12 hours ago
CVE-2024-12989 - 12 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2024-12969 - 1 day ago
CVE-2024-12976 - 1 day ago
CVE-2024-12977 - 1 day ago
CVE-2024-9774 - 1 day ago
CVE-2024-12978 - 1 day ago
CVE-2024-12979 - 1 day ago
CVE-2024-12980 - 1 day ago
CVE-2024-56519 - 1 day ago
CVE-2024-56520 - 1 day ago
CVE-2024-56521 - 1 day ago
CVE-2024-56522 - 1 day ago
CVE-2024-11605 - 1 day ago
CVE-2024-11644 - 1 day ago
CVE-2024-11645 - 1 day ago
CVE-2024-11842 - 1 day ago
CVE-2024-11921 - 1 day ago
CVE-2024-12981 - 1 day ago
CVE-2024-12982 - 1 day ago
CVE-2024-56527 - 1 day ago
CVE-2024-12983 - 23 hours ago