Softerra : Security Vulnerabilities, CVEs,

CVE-2007-1787

Multiple PHP remote file inclusion vulnerabilities in lib/timesheet.class.php in Softerra Time-Assistant 6.2 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) inc_dir or (2) lib_dir parameter.
Max CVSS
9.3
EPSS Score
14.18%
Published
2007-03-31
Updated
2018-10-16

CVE-2006-5473

PHP remote file inclusion vulnerability in Description.php in Softerra PHP Developer Library 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via the lib_dir parameter. NOTE: this issue is disputed by CVE as of 20061023, since there is no Description.php file included in the product, and the existing "Description" file contains documentation, not functioning code
Max CVSS
7.5
EPSS Score
1.17%
Published
2006-10-24
Updated
2024-04-11

CVE-2006-5472

PHP remote file inclusion vulnerability in Softerra PHP Developer Library 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the lib_dir parameter in (1) lib/registry.lib.php, (2) lib/sqlcompose.lib.php, and (3) lib/sqlsearch.lib.php.
Max CVSS
7.5
EPSS Score
14.44%
Published
2006-10-24
Updated
2017-10-19

CVE-2006-5471

PHP remote file inclusion vulnerability in example/lib/grid3.lib.php in Softerra PHP Developer Library 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the (1) cfg_dir and (2) lib_dir parameters.
Max CVSS
7.5
EPSS Score
6.57%
Published
2006-10-24
Updated
2017-10-19
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close