CVSS: 9.8EPSS: 90%CPEs: 4EXPL: 4CVE-2007-2199 – CJG EXPLORER PRO 3.2 - 'g_pcltar_lib_dir' Remote File Inclusion
https://notcve.org/view.php?id=CVE-2007-2199
24 Apr 2007 — PHP remote file inclusion vulnerability in lib/pcltar.lib.php (aka pcltar.php) in the PclTar module 1.3 and 1.3.1 for Vincent Blavet PhpConcept Library, as used in multiple products including (1) Joomla! 1.5.0 Beta, (2) N/X Web Content Management System (WCMS) 4.5, (3) CJG EXPLORER PRO 3.3, and (4) phpSiteBackup 0.1, allows remote attackers to execute arbitrary PHP code via a URL in the g_pcltar_lib_dir parameter. Una vulnerabilidad de inclusión remota de archivos PHP en lib/pcltar.lib.php (también se conoc... • https://www.exploit-db.com/exploits/3915 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 2CVE-2007-0374
https://notcve.org/view.php?id=CVE-2007-0374
19 Jan 2007 — SQL injection vulnerability in (1) Joomla! 1.0.11 and 1.5 Beta, and (2) Mambo 4.6.1, allows remote attackers to execute arbitrary SQL commands via the id parameter when cancelling content editing. Vulnerabilidad de inyección SQL en (1) Joomla! 1.0.11 y 1.5 Beta, y (2) Mambo 4.6.1, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro id cuando se cancela el editor de contenidos. • http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0355.html •