3 results (0.007 seconds)

CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1

CVE-2007-4113

https://notcve.org/view.php?id=CVE-2007-4113

31 Jul 2007 — Unspecified vulnerability in Advanced Webhost Billing System (AWBS) before 2.6.0 allows remote authenticated users to obtain configuration data about other dedicated servers via unspecified vectors. Vulnerabilidad no especificada en Advanced Webhost Billing System (AWBS) anterior a 2.6.0 permite permite a usuarios autenticados remotamente obtener datos de configuración sobre otros servidores dedicados a través de vectores no especificados. • http://osvdb.org/38690 •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 2

CVE-2007-4112

https://notcve.org/view.php?id=CVE-2007-4112

31 Jul 2007 — Multiple SQL injection vulnerabilities in Advanced Webhost Billing System (AWBS) before 2.6.0, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: this can be leveraged for XSS attacks that "bypass AWBS's anti-XSS input validation." Múltiples vulnerabilidades de inyección SQL en Advanced Webhost Billing Syste (AWBS) anterior a 2.6.0, cuando magic_quotes_gpc está deshabilitado, permiten a atacantes remotos ejecutar comandos SQL de su elec... • http://osvdb.org/37257 •

CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 2

CVE-2007-2272 – Advanced Webhost Billing System (AWBS) 2.4.0 - 'cart2.php' Remote File Inclusion

https://notcve.org/view.php?id=CVE-2007-2272

25 Apr 2007 — PHP remote file inclusion vulnerability in docs/front-end-demo/cart2.php in Advanced Webhost Billing System (AWBS) 2.4.0 allows remote attackers to execute arbitrary PHP code via a URL in the workdir parameter. Vulnerabilidad de inclusión remota de archivo en PHP en docs/front-end-demo/cart2.php en Webhost Billing System (AWBS) 2.4.0 permite a atacantes remotos ejecutar código PHP a través de una URL en el parámetro workdir. • https://www.exploit-db.com/exploits/3795 •