comdev 漏洞與 CVE 列表(16)

產品(CPE): — CVE 數: 16

comdev 漏洞概覽

彙總 comdev 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。

歷史漏洞主要涉及 SQL 注入、路徑處理缺陷與跨站腳本 等問題,部分漏洞可能導致 資料外洩,並影響 生產負載與軟體部署 相關場景。

相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。

漏洞分布趨勢(近 24 個月)

顯示 11616 CVE 數
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2018-6368 SQL Injection exists in the JomEstate PRO through 3.7 component for Joomla! via the id parameter in a task=detailed action. [email protected] 9.8 2.70% 2018-02-17 2026-06-16
CVE-2008-6250 SQL injection vulnerability in Comdev Web Blogger 4.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the arcmonth parameter to a blog page. [email protected] 6.8 1.08% 2009-02-23 2026-06-16
CVE-2008-1872 SQL injection vulnerability in home.news.php in Comdev News Publisher 4.1.2 allows remote attackers to execute arbitrary SQL commands via the arcmonth parameter. NOTE: some of these details are obtained from third party information. [email protected] 7.5 0.97% 2008-04-17 2026-06-16
CVE-2007-3084 PHP remote file inclusion vulnerability in sampleblogger.php in Comdev Web Blogger 4.1 allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter, a different vector than CVE-2006-5441. [email protected] 7.5 1.35% 2007-06-06 2026-06-16
CVE-2007-3081 PHP remote file inclusion vulnerability in sampleecommerce.php in Comdev eCommerce 4.1 allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. [email protected] 7.5 1.36% 2007-06-06 2026-06-16
CVE-2007-2422 Multiple PHP remote file inclusion vulnerabilities in Modules Builder (modbuild) 4.1 for Comdev One Admin allow remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter to (1) config-bak.php or (2) config.php. NOTE: CVE disputes this vulnerability because the unmodified scripts set the applicable variable to the empty string; reasonable modified copies would use a fixed pathname string [email protected] 9.8 2.43% 2007-05-01 2026-06-16
CVE-2006-6045 Multiple PHP remote file inclusion vulnerabilities in Comdev One Admin Pro 4.1 allow remote attackers to execute arbitrary PHP code via a URL in the path[skin] parameter to (1) adminfoot.php, (2) adminhead.php, or (3) adminlogin.php. [email protected] 6.8 2.77% 2006-11-21 2026-06-16
CVE-2006-5441 PHP remote file inclusion vulnerability in adminfoot.php in Comdev Web Blogger 4.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. [email protected] 7.5 1.39% 2006-10-20 2026-06-16
CVE-2006-5440 PHP remote file inclusion vulnerability in adminfoot.php in Comdev Form Designer 4.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. [email protected] 7.5 1.39% 2006-10-20 2026-06-16
CVE-2006-5439 PHP remote file inclusion vulnerability in adminfoot.php in Comdev Misc Tools 4.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. [email protected] 7.5 1.41% 2006-10-20 2026-06-16
CVE-2006-5438 PHP remote file inclusion vulnerability in adminfoot.php in Comdev Forum 4.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. [email protected] 7.5 1.39% 2006-10-20 2026-06-16
CVE-2006-5101 PHP remote file inclusion vulnerability in include.php in Comdev CSV Importer 3.1 and possibly 4.1, as used in (1) Comdev Contact Form 3.1, (2) Comdev Customer Helpdesk 3.1, (3) Comdev Events Calendar 3.1, (4) Comdev FAQ Support 3.1, (5) Comdev Guestbook 3.1, (6) Comdev Links Directory 3.1, (7) Comdev News Publisher 3.1, (8) Comdev Newsletter 3.1, (9) Comdev Photo Gallery 3.1, (10) Comdev Vote Caster 3.1, (11) Comdev Web Blogger 3.1, and (12) Comdev eCommerce 3.1, allows remote attackers to exec [email protected] 7.5 3.65% 2006-10-03 2026-06-16
CVE-2005-3825 SQL injection vulnerability in index.php in Comdev Vote Caster 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the campaign_id parameter in a result action. [email protected] 7.5 1.16% 2005-11-25 2026-06-16
CVE-2005-2544 PHP remote file inclusion vulnerability in config.php in Comdev eCommerce 3.0 allows remote attackers to execute arbitrary PHP code via the path[docroot] parameter. [email protected] 5.0 1.45% 2005-08-10 2026-06-16
CVE-2005-2543 Directory traversal vulnerability in wce.download.php in Comdev eCommerce 3.0 allows remote attackers to download arbitrary files via a .. (dot dot) in the download parameter. [email protected] 5.0 5.99% 2005-08-10 2026-06-16
CVE-2005-2138 Cross-site scripting (XSS) vulnerability in index.php in Comdev eCommerce 3.0 and 3.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the onMouseOver event of an "A" tag in a review message. [email protected] 4.3 0.99% 2005-07-05 2026-06-16
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
cvelogic Threat Intelligence