Search
Find a vulnerability
Search criteria
18 vulnerabilities by agares_media
CVE-2008-6040 (GCVE-0-2008-6040)
Vulnerability from nvd – Published: 2009-02-03 11:00 – Updated: 2024-08-07 11:13
VLAI
Summary
SQL injection vulnerability in index.php in Arcadem Pro 2.700 through 2.802 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter, probably related to includes/articleblock.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://packetstorm.linuxsecurity.com/0809-exploit… | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2008/2700 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/31322 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/31975 | third-party-advisoryx_refsource_SECUNIA |
| https://secure.agaresmedia.com/forums/viewtopic.p… | x_refsource_MISC |
Date Public
2008-09-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:13:13.980Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstorm.linuxsecurity.com/0809-exploits/arcadempro-sql.txt"
},
{
"name": "ADV-2008-2700",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2700"
},
{
"name": "31322",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31322"
},
{
"name": "31975",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31975"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://secure.agaresmedia.com/forums/viewtopic.php?f=12\u0026t=2032"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in index.php in Arcadem Pro 2.700 through 2.802 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter, probably related to includes/articleblock.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-17T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstorm.linuxsecurity.com/0809-exploits/arcadempro-sql.txt"
},
{
"name": "ADV-2008-2700",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2700"
},
{
"name": "31322",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31322"
},
{
"name": "31975",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31975"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://secure.agaresmedia.com/forums/viewtopic.php?f=12\u0026t=2032"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6040",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in index.php in Arcadem Pro 2.700 through 2.802 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter, probably related to includes/articleblock.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstorm.linuxsecurity.com/0809-exploits/arcadempro-sql.txt",
"refsource": "MISC",
"url": "http://packetstorm.linuxsecurity.com/0809-exploits/arcadempro-sql.txt"
},
{
"name": "ADV-2008-2700",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2700"
},
{
"name": "31322",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31322"
},
{
"name": "31975",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31975"
},
{
"name": "https://secure.agaresmedia.com/forums/viewtopic.php?f=12\u0026t=2032",
"refsource": "MISC",
"url": "https://secure.agaresmedia.com/forums/viewtopic.php?f=12\u0026t=2032"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6040",
"datePublished": "2009-02-03T11:00:00.000Z",
"dateReserved": "2009-02-02T00:00:00.000Z",
"dateUpdated": "2024-08-07T11:13:13.980Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0432 (GCVE-0-2008-0432)
Vulnerability from nvd – Published: 2008-01-23 21:00 – Updated: 2024-08-07 07:46
VLAI
Summary
Cross-site scripting (XSS) vulnerability in index.php in phpAutoVideo 2.21 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/27346 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2008/0225 | vdb-entryx_refsource_VUPEN |
| http://securityreason.com/securityalert/3567 | third-party-advisoryx_refsource_SREASON |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/28580 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/archive/1/486591/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2008-01-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:46:54.506Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27346",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27346"
},
{
"name": "ADV-2008-0225",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0225"
},
{
"name": "3567",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3567"
},
{
"name": "phpautovideo-index-xss(39771)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39771"
},
{
"name": "28580",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28580"
},
{
"name": "20080118 Agares PhpAutoVideo 2.21(XSS/RFI) Multiple Remote Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/486591/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in index.php in phpAutoVideo 2.21 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27346",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27346"
},
{
"name": "ADV-2008-0225",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0225"
},
{
"name": "3567",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3567"
},
{
"name": "phpautovideo-index-xss(39771)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39771"
},
{
"name": "28580",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28580"
},
{
"name": "20080118 Agares PhpAutoVideo 2.21(XSS/RFI) Multiple Remote Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/486591/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0432",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php in phpAutoVideo 2.21 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27346",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27346"
},
{
"name": "ADV-2008-0225",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0225"
},
{
"name": "3567",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3567"
},
{
"name": "phpautovideo-index-xss(39771)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39771"
},
{
"name": "28580",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28580"
},
{
"name": "20080118 Agares PhpAutoVideo 2.21(XSS/RFI) Multiple Remote Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/486591/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0432",
"datePublished": "2008-01-23T21:00:00.000Z",
"dateReserved": "2008-01-23T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:46:54.506Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0433 (GCVE-0-2008-0433)
Vulnerability from nvd – Published: 2008-01-23 21:00 – Updated: 2024-08-07 07:46
VLAI
Summary
PHP remote file inclusion vulnerability in theme/phpAutoVideo/LightTwoOh/sidebar.php in Agares phpAutoVideo 2.21 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the loadpage parameter, a different vector than CVE-2007-6614.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/27346 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2008/0225 | vdb-entryx_refsource_VUPEN |
| http://securityreason.com/securityalert/3567 | third-party-advisoryx_refsource_SREASON |
| http://secunia.com/advisories/28580 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/486591/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2008-01-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:46:53.951Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27346",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27346"
},
{
"name": "ADV-2008-0225",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0225"
},
{
"name": "3567",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3567"
},
{
"name": "28580",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28580"
},
{
"name": "phpautovideo-sidebar-file-include(39770)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39770"
},
{
"name": "20080118 Agares PhpAutoVideo 2.21(XSS/RFI) Multiple Remote Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/486591/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in theme/phpAutoVideo/LightTwoOh/sidebar.php in Agares phpAutoVideo 2.21 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the loadpage parameter, a different vector than CVE-2007-6614."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27346",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27346"
},
{
"name": "ADV-2008-0225",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0225"
},
{
"name": "3567",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3567"
},
{
"name": "28580",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28580"
},
{
"name": "phpautovideo-sidebar-file-include(39770)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39770"
},
{
"name": "20080118 Agares PhpAutoVideo 2.21(XSS/RFI) Multiple Remote Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/486591/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0433",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in theme/phpAutoVideo/LightTwoOh/sidebar.php in Agares phpAutoVideo 2.21 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the loadpage parameter, a different vector than CVE-2007-6614."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27346",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27346"
},
{
"name": "ADV-2008-0225",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0225"
},
{
"name": "3567",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3567"
},
{
"name": "28580",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28580"
},
{
"name": "phpautovideo-sidebar-file-include(39770)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39770"
},
{
"name": "20080118 Agares PhpAutoVideo 2.21(XSS/RFI) Multiple Remote Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/486591/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0433",
"datePublished": "2008-01-23T21:00:00.000Z",
"dateReserved": "2008-01-23T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:46:53.951Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0262 (GCVE-0-2008-0262)
Vulnerability from nvd – Published: 2008-01-15 19:00 – Updated: 2024-08-07 07:39
VLAI
Summary
SQL injection vulnerability in includes/articleblock.php in Agares PhpAutoVideo 2.21 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/27258 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/4905 | exploitx_refsource_EXPLOIT-DB |
| https://www.exploit-db.com/exploits/4898 | exploitx_refsource_EXPLOIT-DB |
Date Public
2008-01-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:39:35.082Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "agares-articleblock-sql-injection(39641)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39641"
},
{
"name": "27258",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27258"
},
{
"name": "4905",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4905"
},
{
"name": "4898",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4898"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in includes/articleblock.php in Agares PhpAutoVideo 2.21 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "agares-articleblock-sql-injection(39641)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39641"
},
{
"name": "27258",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27258"
},
{
"name": "4905",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4905"
},
{
"name": "4898",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4898"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0262",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in includes/articleblock.php in Agares PhpAutoVideo 2.21 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "agares-articleblock-sql-injection(39641)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39641"
},
{
"name": "27258",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27258"
},
{
"name": "4905",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4905"
},
{
"name": "4898",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4898"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0262",
"datePublished": "2008-01-15T19:00:00.000Z",
"dateReserved": "2008-01-15T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:39:35.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6614 (GCVE-0-2007-6614)
Vulnerability from nvd – Published: 2008-01-03 23:00 – Updated: 2024-08-07 16:11
VLAI
Summary
PHP remote file inclusion vulnerability in admin/frontpage_right.php in Agares Media phpAutoVideo 2.21 allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter, a related issue to CVE-2007-6542.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://osvdb.org/39617 | vdb-entryx_refsource_OSVDB |
| http://forums.agaresmedia.com/viewtopic.php?f=13&t=407 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/27023 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/28230 | third-party-advisoryx_refsource_SECUNIA |
| https://www.exploit-db.com/exploits/4782 | exploitx_refsource_EXPLOIT-DB |
| http://www.vupen.com/english/advisories/2007/4319 | vdb-entryx_refsource_VUPEN |
Date Public
2007-12-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:11:06.089Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39617",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/39617"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=407"
},
{
"name": "27023",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27023"
},
{
"name": "28230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28230"
},
{
"name": "4782",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4782"
},
{
"name": "ADV-2007-4319",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4319"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in admin/frontpage_right.php in Agares Media phpAutoVideo 2.21 allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter, a related issue to CVE-2007-6542."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "39617",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/39617"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=407"
},
{
"name": "27023",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27023"
},
{
"name": "28230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28230"
},
{
"name": "4782",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4782"
},
{
"name": "ADV-2007-4319",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4319"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6614",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in admin/frontpage_right.php in Agares Media phpAutoVideo 2.21 allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter, a related issue to CVE-2007-6542."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39617",
"refsource": "OSVDB",
"url": "http://osvdb.org/39617"
},
{
"name": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=407",
"refsource": "CONFIRM",
"url": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=407"
},
{
"name": "27023",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27023"
},
{
"name": "28230",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28230"
},
{
"name": "4782",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4782"
},
{
"name": "ADV-2007-4319",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4319"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6614",
"datePublished": "2008-01-03T23:00:00.000Z",
"dateReserved": "2008-01-03T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:11:06.089Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6615 (GCVE-0-2007-6615)
Vulnerability from nvd – Published: 2008-01-03 23:00 – Updated: 2024-08-07 16:11
VLAI
Summary
Directory traversal vulnerability in includes/block.php in Agares Media phpAutoVideo 2.21 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the selected_provider parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://forums.agaresmedia.com/viewtopic.php?f=13&t=407 | x_refsource_MISC |
| http://osvdb.org/39618 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/27023 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/28230 | third-party-advisoryx_refsource_SECUNIA |
| https://www.exploit-db.com/exploits/4782 | exploitx_refsource_EXPLOIT-DB |
| http://www.vupen.com/english/advisories/2007/4319 | vdb-entryx_refsource_VUPEN |
Date Public
2007-12-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:11:06.093Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=407"
},
{
"name": "39618",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/39618"
},
{
"name": "27023",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27023"
},
{
"name": "28230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28230"
},
{
"name": "4782",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4782"
},
{
"name": "ADV-2007-4319",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4319"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in includes/block.php in Agares Media phpAutoVideo 2.21 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the selected_provider parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=407"
},
{
"name": "39618",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/39618"
},
{
"name": "27023",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27023"
},
{
"name": "28230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28230"
},
{
"name": "4782",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4782"
},
{
"name": "ADV-2007-4319",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4319"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6615",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in includes/block.php in Agares Media phpAutoVideo 2.21 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the selected_provider parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=407",
"refsource": "MISC",
"url": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=407"
},
{
"name": "39618",
"refsource": "OSVDB",
"url": "http://osvdb.org/39618"
},
{
"name": "27023",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27023"
},
{
"name": "28230",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28230"
},
{
"name": "4782",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4782"
},
{
"name": "ADV-2007-4319",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4319"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6615",
"datePublished": "2008-01-03T23:00:00.000Z",
"dateReserved": "2008-01-03T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:11:06.093Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6542 (GCVE-0-2007-6542)
Vulnerability from nvd – Published: 2007-12-27 23:00 – Updated: 2024-08-07 16:11
VLAI
Summary
PHP remote file inclusion vulnerability in admin/frontpage_right.php in Arcadem LE 2.04 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://osvdb.org/39802 | vdb-entryx_refsource_OSVDB |
| https://www.exploit-db.com/exploits/4764 | exploitx_refsource_EXPLOIT-DB |
| http://www.securityfocus.com/bid/26986 | vdb-entryx_refsource_BID |
Date Public
2007-12-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:11:06.041Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39802",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/39802"
},
{
"name": "4764",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4764"
},
{
"name": "26986",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26986"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in admin/frontpage_right.php in Arcadem LE 2.04 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "39802",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/39802"
},
{
"name": "4764",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4764"
},
{
"name": "26986",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26986"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6542",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in admin/frontpage_right.php in Arcadem LE 2.04 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39802",
"refsource": "OSVDB",
"url": "http://osvdb.org/39802"
},
{
"name": "4764",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4764"
},
{
"name": "26986",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26986"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6542",
"datePublished": "2007-12-27T23:00:00.000Z",
"dateReserved": "2007-12-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:11:06.041Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4552 (GCVE-0-2007-4552)
Vulnerability from nvd – Published: 2007-08-28 00:00 – Updated: 2024-08-07 15:01
VLAI
Summary
SQL injection vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary SQL commands via the blockpage parameter. NOTE: as of 20070827, the vendor has made conflicting statements regarding whether this issue exists or not.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://osvdb.org/36857 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/25418 | vdb-entryx_refsource_BID |
| http://forums.agaresmedia.com/viewtopic.php?f=13&t=19 | x_refsource_MISC |
| http://14house.blogspot.com/2007/08/arcadem-rfi-s… | x_refsource_MISC |
| http://secunia.com/advisories/26574 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2007-08-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36857",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36857"
},
{
"name": "25418",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25418"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=19"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://14house.blogspot.com/2007/08/arcadem-rfi-sql-injection-flaws.html"
},
{
"name": "26574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26574"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary SQL commands via the blockpage parameter. NOTE: as of 20070827, the vendor has made conflicting statements regarding whether this issue exists or not."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "36857",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36857"
},
{
"name": "25418",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25418"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=19"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://14house.blogspot.com/2007/08/arcadem-rfi-sql-injection-flaws.html"
},
{
"name": "26574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26574"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4552",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary SQL commands via the blockpage parameter. NOTE: as of 20070827, the vendor has made conflicting statements regarding whether this issue exists or not."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36857",
"refsource": "OSVDB",
"url": "http://osvdb.org/36857"
},
{
"name": "25418",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25418"
},
{
"name": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=19",
"refsource": "MISC",
"url": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=19"
},
{
"name": "http://14house.blogspot.com/2007/08/arcadem-rfi-sql-injection-flaws.html",
"refsource": "MISC",
"url": "http://14house.blogspot.com/2007/08/arcadem-rfi-sql-injection-flaws.html"
},
{
"name": "26574",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26574"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4552",
"datePublished": "2007-08-28T00:00:00.000Z",
"dateReserved": "2007-08-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:01:09.952Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4551 (GCVE-0-2007-4551)
Vulnerability from nvd – Published: 2007-08-28 00:00 – Updated: 2024-08-07 15:01
VLAI
Summary
PHP remote file inclusion vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary PHP code via a URL in the loadpage parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://forums.agaresmedia.com/viewtopic.php?f=13&t=19 | x_refsource_CONFIRM |
| http://osvdb.org/36856 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/25432 | vdb-entryx_refsource_BID |
| http://14house.blogspot.com/2007/08/arcadem-rfi-s… | x_refsource_MISC |
| http://secunia.com/advisories/26574 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2007-08-24 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.600Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=19"
},
{
"name": "36856",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36856"
},
{
"name": "25432",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25432"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://14house.blogspot.com/2007/08/arcadem-rfi-sql-injection-flaws.html"
},
{
"name": "26574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26574"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary PHP code via a URL in the loadpage parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=19"
},
{
"name": "36856",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36856"
},
{
"name": "25432",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25432"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://14house.blogspot.com/2007/08/arcadem-rfi-sql-injection-flaws.html"
},
{
"name": "26574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26574"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4551",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary PHP code via a URL in the loadpage parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=19",
"refsource": "CONFIRM",
"url": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=19"
},
{
"name": "36856",
"refsource": "OSVDB",
"url": "http://osvdb.org/36856"
},
{
"name": "25432",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25432"
},
{
"name": "http://14house.blogspot.com/2007/08/arcadem-rfi-sql-injection-flaws.html",
"refsource": "MISC",
"url": "http://14house.blogspot.com/2007/08/arcadem-rfi-sql-injection-flaws.html"
},
{
"name": "26574",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26574"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4551",
"datePublished": "2007-08-28T00:00:00.000Z",
"dateReserved": "2007-08-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:01:09.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-6040 (GCVE-0-2008-6040)
Vulnerability from cvelistv5 – Published: 2009-02-03 11:00 – Updated: 2024-08-07 11:13
VLAI
Summary
SQL injection vulnerability in index.php in Arcadem Pro 2.700 through 2.802 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter, probably related to includes/articleblock.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://packetstorm.linuxsecurity.com/0809-exploit… | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2008/2700 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/31322 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/31975 | third-party-advisoryx_refsource_SECUNIA |
| https://secure.agaresmedia.com/forums/viewtopic.p… | x_refsource_MISC |
Date Public
2008-09-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:13:13.980Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstorm.linuxsecurity.com/0809-exploits/arcadempro-sql.txt"
},
{
"name": "ADV-2008-2700",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2700"
},
{
"name": "31322",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31322"
},
{
"name": "31975",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31975"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://secure.agaresmedia.com/forums/viewtopic.php?f=12\u0026t=2032"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in index.php in Arcadem Pro 2.700 through 2.802 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter, probably related to includes/articleblock.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-17T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstorm.linuxsecurity.com/0809-exploits/arcadempro-sql.txt"
},
{
"name": "ADV-2008-2700",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2700"
},
{
"name": "31322",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31322"
},
{
"name": "31975",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31975"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://secure.agaresmedia.com/forums/viewtopic.php?f=12\u0026t=2032"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6040",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in index.php in Arcadem Pro 2.700 through 2.802 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter, probably related to includes/articleblock.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstorm.linuxsecurity.com/0809-exploits/arcadempro-sql.txt",
"refsource": "MISC",
"url": "http://packetstorm.linuxsecurity.com/0809-exploits/arcadempro-sql.txt"
},
{
"name": "ADV-2008-2700",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2700"
},
{
"name": "31322",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31322"
},
{
"name": "31975",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31975"
},
{
"name": "https://secure.agaresmedia.com/forums/viewtopic.php?f=12\u0026t=2032",
"refsource": "MISC",
"url": "https://secure.agaresmedia.com/forums/viewtopic.php?f=12\u0026t=2032"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6040",
"datePublished": "2009-02-03T11:00:00.000Z",
"dateReserved": "2009-02-02T00:00:00.000Z",
"dateUpdated": "2024-08-07T11:13:13.980Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0432 (GCVE-0-2008-0432)
Vulnerability from cvelistv5 – Published: 2008-01-23 21:00 – Updated: 2024-08-07 07:46
VLAI
Summary
Cross-site scripting (XSS) vulnerability in index.php in phpAutoVideo 2.21 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/27346 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2008/0225 | vdb-entryx_refsource_VUPEN |
| http://securityreason.com/securityalert/3567 | third-party-advisoryx_refsource_SREASON |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/28580 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/archive/1/486591/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2008-01-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:46:54.506Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27346",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27346"
},
{
"name": "ADV-2008-0225",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0225"
},
{
"name": "3567",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3567"
},
{
"name": "phpautovideo-index-xss(39771)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39771"
},
{
"name": "28580",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28580"
},
{
"name": "20080118 Agares PhpAutoVideo 2.21(XSS/RFI) Multiple Remote Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/486591/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in index.php in phpAutoVideo 2.21 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27346",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27346"
},
{
"name": "ADV-2008-0225",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0225"
},
{
"name": "3567",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3567"
},
{
"name": "phpautovideo-index-xss(39771)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39771"
},
{
"name": "28580",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28580"
},
{
"name": "20080118 Agares PhpAutoVideo 2.21(XSS/RFI) Multiple Remote Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/486591/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0432",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php in phpAutoVideo 2.21 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27346",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27346"
},
{
"name": "ADV-2008-0225",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0225"
},
{
"name": "3567",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3567"
},
{
"name": "phpautovideo-index-xss(39771)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39771"
},
{
"name": "28580",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28580"
},
{
"name": "20080118 Agares PhpAutoVideo 2.21(XSS/RFI) Multiple Remote Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/486591/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0432",
"datePublished": "2008-01-23T21:00:00.000Z",
"dateReserved": "2008-01-23T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:46:54.506Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0433 (GCVE-0-2008-0433)
Vulnerability from cvelistv5 – Published: 2008-01-23 21:00 – Updated: 2024-08-07 07:46
VLAI
Summary
PHP remote file inclusion vulnerability in theme/phpAutoVideo/LightTwoOh/sidebar.php in Agares phpAutoVideo 2.21 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the loadpage parameter, a different vector than CVE-2007-6614.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/27346 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2008/0225 | vdb-entryx_refsource_VUPEN |
| http://securityreason.com/securityalert/3567 | third-party-advisoryx_refsource_SREASON |
| http://secunia.com/advisories/28580 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/486591/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2008-01-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:46:53.951Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27346",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27346"
},
{
"name": "ADV-2008-0225",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0225"
},
{
"name": "3567",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3567"
},
{
"name": "28580",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28580"
},
{
"name": "phpautovideo-sidebar-file-include(39770)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39770"
},
{
"name": "20080118 Agares PhpAutoVideo 2.21(XSS/RFI) Multiple Remote Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/486591/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in theme/phpAutoVideo/LightTwoOh/sidebar.php in Agares phpAutoVideo 2.21 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the loadpage parameter, a different vector than CVE-2007-6614."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27346",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27346"
},
{
"name": "ADV-2008-0225",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0225"
},
{
"name": "3567",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3567"
},
{
"name": "28580",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28580"
},
{
"name": "phpautovideo-sidebar-file-include(39770)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39770"
},
{
"name": "20080118 Agares PhpAutoVideo 2.21(XSS/RFI) Multiple Remote Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/486591/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0433",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in theme/phpAutoVideo/LightTwoOh/sidebar.php in Agares phpAutoVideo 2.21 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the loadpage parameter, a different vector than CVE-2007-6614."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27346",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27346"
},
{
"name": "ADV-2008-0225",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0225"
},
{
"name": "3567",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3567"
},
{
"name": "28580",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28580"
},
{
"name": "phpautovideo-sidebar-file-include(39770)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39770"
},
{
"name": "20080118 Agares PhpAutoVideo 2.21(XSS/RFI) Multiple Remote Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/486591/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0433",
"datePublished": "2008-01-23T21:00:00.000Z",
"dateReserved": "2008-01-23T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:46:53.951Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0262 (GCVE-0-2008-0262)
Vulnerability from cvelistv5 – Published: 2008-01-15 19:00 – Updated: 2024-08-07 07:39
VLAI
Summary
SQL injection vulnerability in includes/articleblock.php in Agares PhpAutoVideo 2.21 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/27258 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/4905 | exploitx_refsource_EXPLOIT-DB |
| https://www.exploit-db.com/exploits/4898 | exploitx_refsource_EXPLOIT-DB |
Date Public
2008-01-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:39:35.082Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "agares-articleblock-sql-injection(39641)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39641"
},
{
"name": "27258",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27258"
},
{
"name": "4905",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4905"
},
{
"name": "4898",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4898"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in includes/articleblock.php in Agares PhpAutoVideo 2.21 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "agares-articleblock-sql-injection(39641)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39641"
},
{
"name": "27258",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27258"
},
{
"name": "4905",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4905"
},
{
"name": "4898",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4898"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0262",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in includes/articleblock.php in Agares PhpAutoVideo 2.21 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "agares-articleblock-sql-injection(39641)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39641"
},
{
"name": "27258",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27258"
},
{
"name": "4905",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4905"
},
{
"name": "4898",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4898"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0262",
"datePublished": "2008-01-15T19:00:00.000Z",
"dateReserved": "2008-01-15T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:39:35.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6614 (GCVE-0-2007-6614)
Vulnerability from cvelistv5 – Published: 2008-01-03 23:00 – Updated: 2024-08-07 16:11
VLAI
Summary
PHP remote file inclusion vulnerability in admin/frontpage_right.php in Agares Media phpAutoVideo 2.21 allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter, a related issue to CVE-2007-6542.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://osvdb.org/39617 | vdb-entryx_refsource_OSVDB |
| http://forums.agaresmedia.com/viewtopic.php?f=13&t=407 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/27023 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/28230 | third-party-advisoryx_refsource_SECUNIA |
| https://www.exploit-db.com/exploits/4782 | exploitx_refsource_EXPLOIT-DB |
| http://www.vupen.com/english/advisories/2007/4319 | vdb-entryx_refsource_VUPEN |
Date Public
2007-12-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:11:06.089Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39617",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/39617"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=407"
},
{
"name": "27023",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27023"
},
{
"name": "28230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28230"
},
{
"name": "4782",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4782"
},
{
"name": "ADV-2007-4319",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4319"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in admin/frontpage_right.php in Agares Media phpAutoVideo 2.21 allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter, a related issue to CVE-2007-6542."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "39617",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/39617"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=407"
},
{
"name": "27023",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27023"
},
{
"name": "28230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28230"
},
{
"name": "4782",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4782"
},
{
"name": "ADV-2007-4319",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4319"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6614",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in admin/frontpage_right.php in Agares Media phpAutoVideo 2.21 allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter, a related issue to CVE-2007-6542."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39617",
"refsource": "OSVDB",
"url": "http://osvdb.org/39617"
},
{
"name": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=407",
"refsource": "CONFIRM",
"url": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=407"
},
{
"name": "27023",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27023"
},
{
"name": "28230",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28230"
},
{
"name": "4782",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4782"
},
{
"name": "ADV-2007-4319",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4319"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6614",
"datePublished": "2008-01-03T23:00:00.000Z",
"dateReserved": "2008-01-03T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:11:06.089Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6615 (GCVE-0-2007-6615)
Vulnerability from cvelistv5 – Published: 2008-01-03 23:00 – Updated: 2024-08-07 16:11
VLAI
Summary
Directory traversal vulnerability in includes/block.php in Agares Media phpAutoVideo 2.21 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the selected_provider parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://forums.agaresmedia.com/viewtopic.php?f=13&t=407 | x_refsource_MISC |
| http://osvdb.org/39618 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/27023 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/28230 | third-party-advisoryx_refsource_SECUNIA |
| https://www.exploit-db.com/exploits/4782 | exploitx_refsource_EXPLOIT-DB |
| http://www.vupen.com/english/advisories/2007/4319 | vdb-entryx_refsource_VUPEN |
Date Public
2007-12-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:11:06.093Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=407"
},
{
"name": "39618",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/39618"
},
{
"name": "27023",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27023"
},
{
"name": "28230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28230"
},
{
"name": "4782",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4782"
},
{
"name": "ADV-2007-4319",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4319"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in includes/block.php in Agares Media phpAutoVideo 2.21 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the selected_provider parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=407"
},
{
"name": "39618",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/39618"
},
{
"name": "27023",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27023"
},
{
"name": "28230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28230"
},
{
"name": "4782",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4782"
},
{
"name": "ADV-2007-4319",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4319"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6615",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in includes/block.php in Agares Media phpAutoVideo 2.21 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the selected_provider parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=407",
"refsource": "MISC",
"url": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=407"
},
{
"name": "39618",
"refsource": "OSVDB",
"url": "http://osvdb.org/39618"
},
{
"name": "27023",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27023"
},
{
"name": "28230",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28230"
},
{
"name": "4782",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4782"
},
{
"name": "ADV-2007-4319",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4319"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6615",
"datePublished": "2008-01-03T23:00:00.000Z",
"dateReserved": "2008-01-03T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:11:06.093Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6542 (GCVE-0-2007-6542)
Vulnerability from cvelistv5 – Published: 2007-12-27 23:00 – Updated: 2024-08-07 16:11
VLAI
Summary
PHP remote file inclusion vulnerability in admin/frontpage_right.php in Arcadem LE 2.04 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://osvdb.org/39802 | vdb-entryx_refsource_OSVDB |
| https://www.exploit-db.com/exploits/4764 | exploitx_refsource_EXPLOIT-DB |
| http://www.securityfocus.com/bid/26986 | vdb-entryx_refsource_BID |
Date Public
2007-12-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:11:06.041Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39802",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/39802"
},
{
"name": "4764",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4764"
},
{
"name": "26986",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26986"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in admin/frontpage_right.php in Arcadem LE 2.04 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "39802",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/39802"
},
{
"name": "4764",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4764"
},
{
"name": "26986",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26986"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6542",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in admin/frontpage_right.php in Arcadem LE 2.04 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39802",
"refsource": "OSVDB",
"url": "http://osvdb.org/39802"
},
{
"name": "4764",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4764"
},
{
"name": "26986",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26986"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6542",
"datePublished": "2007-12-27T23:00:00.000Z",
"dateReserved": "2007-12-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:11:06.041Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4552 (GCVE-0-2007-4552)
Vulnerability from cvelistv5 – Published: 2007-08-28 00:00 – Updated: 2024-08-07 15:01
VLAI
Summary
SQL injection vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary SQL commands via the blockpage parameter. NOTE: as of 20070827, the vendor has made conflicting statements regarding whether this issue exists or not.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://osvdb.org/36857 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/25418 | vdb-entryx_refsource_BID |
| http://forums.agaresmedia.com/viewtopic.php?f=13&t=19 | x_refsource_MISC |
| http://14house.blogspot.com/2007/08/arcadem-rfi-s… | x_refsource_MISC |
| http://secunia.com/advisories/26574 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2007-08-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36857",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36857"
},
{
"name": "25418",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25418"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=19"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://14house.blogspot.com/2007/08/arcadem-rfi-sql-injection-flaws.html"
},
{
"name": "26574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26574"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary SQL commands via the blockpage parameter. NOTE: as of 20070827, the vendor has made conflicting statements regarding whether this issue exists or not."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "36857",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36857"
},
{
"name": "25418",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25418"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=19"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://14house.blogspot.com/2007/08/arcadem-rfi-sql-injection-flaws.html"
},
{
"name": "26574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26574"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4552",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary SQL commands via the blockpage parameter. NOTE: as of 20070827, the vendor has made conflicting statements regarding whether this issue exists or not."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36857",
"refsource": "OSVDB",
"url": "http://osvdb.org/36857"
},
{
"name": "25418",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25418"
},
{
"name": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=19",
"refsource": "MISC",
"url": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=19"
},
{
"name": "http://14house.blogspot.com/2007/08/arcadem-rfi-sql-injection-flaws.html",
"refsource": "MISC",
"url": "http://14house.blogspot.com/2007/08/arcadem-rfi-sql-injection-flaws.html"
},
{
"name": "26574",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26574"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4552",
"datePublished": "2007-08-28T00:00:00.000Z",
"dateReserved": "2007-08-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:01:09.952Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4551 (GCVE-0-2007-4551)
Vulnerability from cvelistv5 – Published: 2007-08-28 00:00 – Updated: 2024-08-07 15:01
VLAI
Summary
PHP remote file inclusion vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary PHP code via a URL in the loadpage parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://forums.agaresmedia.com/viewtopic.php?f=13&t=19 | x_refsource_CONFIRM |
| http://osvdb.org/36856 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/25432 | vdb-entryx_refsource_BID |
| http://14house.blogspot.com/2007/08/arcadem-rfi-s… | x_refsource_MISC |
| http://secunia.com/advisories/26574 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2007-08-24 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.600Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=19"
},
{
"name": "36856",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36856"
},
{
"name": "25432",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25432"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://14house.blogspot.com/2007/08/arcadem-rfi-sql-injection-flaws.html"
},
{
"name": "26574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26574"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary PHP code via a URL in the loadpage parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=19"
},
{
"name": "36856",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36856"
},
{
"name": "25432",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25432"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://14house.blogspot.com/2007/08/arcadem-rfi-sql-injection-flaws.html"
},
{
"name": "26574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26574"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4551",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary PHP code via a URL in the loadpage parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=19",
"refsource": "CONFIRM",
"url": "http://forums.agaresmedia.com/viewtopic.php?f=13\u0026t=19"
},
{
"name": "36856",
"refsource": "OSVDB",
"url": "http://osvdb.org/36856"
},
{
"name": "25432",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25432"
},
{
"name": "http://14house.blogspot.com/2007/08/arcadem-rfi-sql-injection-flaws.html",
"refsource": "MISC",
"url": "http://14house.blogspot.com/2007/08/arcadem-rfi-sql-injection-flaws.html"
},
{
"name": "26574",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26574"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4551",
"datePublished": "2007-08-28T00:00:00.000Z",
"dateReserved": "2007-08-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:01:09.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}