Search criteria
5 vulnerabilities by nx
CVE-2026-48027 (GCVE-0-2026-48027)
Vulnerability from cvelistv5 – Published: 2026-05-27 15:50 – Updated: 2026-05-28 03:55
VLAI
CISA KEV
Title
Compromised Nx Console version 18.95.0
Summary
Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, 18.95.0, was published at 12:30 PM UTC and removed soon after at 12:48 PM UTC, leaving it available for ~18 minutes in Visual Studio Marketplace. For OpenVSX, the problem was detected later, and the compromised version was available from 12:33 UTC to 13:09 UTC (~36 minutes). Version 18.100.0 of Nx Console is not compromised and users may remediate by upgrading to that version.
Severity
SSVC
Exploitation: active
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-506 - Embedded Malicious Code
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://github.com/nrwl/nx-console/security/advis… | x_refsource_CONFIRM |
| https://github.com/nrwl/nx-console/issues/3139 | x_refsource_MISC |
| https://nx.dev/blog/nx-console-v18-95-0-postmorte… | x_refsource_MISC |
| https://www.stepsecurity.io/blog/nx-console-vs-co… | x_refsource_MISC |
| https://www.cisa.gov/known-exploited-vulnerabilit… | government-resource |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| nrwl | nx-console |
Affected:
= 18.95.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48027",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-27T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2026-05-27",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-48027"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-28T03:55:41.841Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-48027"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-27T00:00:00.000Z",
"value": "CVE-2026-48027 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "nx-console",
"vendor": "nrwl",
"versions": [
{
"status": "affected",
"version": "= 18.95.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nx Console is the user interface for Nx \u0026 Lerna. On 19 May 2026, a malicious version of Nx Console, 18.95.0, was published at 12:30 PM UTC and removed soon after at 12:48 PM UTC, leaving it available for ~18 minutes in Visual Studio Marketplace. For OpenVSX, the problem was detected later, and the compromised version was available from 12:33 UTC to 13:09 UTC (~36 minutes). Version 18.100.0 of Nx Console is not compromised and users may remediate by upgrading to that version."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-506",
"description": "CWE-506: Embedded Malicious Code",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:50:01.143Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/nrwl/nx-console/security/advisories/GHSA-c9j4-9m59-847w",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/nrwl/nx-console/security/advisories/GHSA-c9j4-9m59-847w"
},
{
"name": "https://github.com/nrwl/nx-console/issues/3139",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nrwl/nx-console/issues/3139"
},
{
"name": "https://nx.dev/blog/nx-console-v18-95-0-postmortem#indicators-of-compromise",
"tags": [
"x_refsource_MISC"
],
"url": "https://nx.dev/blog/nx-console-v18-95-0-postmortem#indicators-of-compromise"
},
{
"name": "https://www.stepsecurity.io/blog/nx-console-vs-code-extension-compromised",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.stepsecurity.io/blog/nx-console-vs-code-extension-compromised"
}
],
"source": {
"advisory": "GHSA-c9j4-9m59-847w",
"discovery": "UNKNOWN"
},
"title": "Compromised Nx Console version 18.95.0"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-48027",
"datePublished": "2026-05-27T15:50:01.143Z",
"dateReserved": "2026-05-20T17:44:09.587Z",
"dateUpdated": "2026-05-28T03:55:41.841Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-36852 (GCVE-0-2025-36852)
Vulnerability from cvelistv5 – Published: 2025-06-10 19:23 – Updated: 2025-06-10 21:35
VLAI
Title
Build Cache Poisoning via Untrusted Pull Requests
Summary
A critical security vulnerability exists in remote cache extensions for common build systems utilizing bucket-based remote cache (such as those using Amazon S3, Google Cloud Storage, or similar object storage) that allows any contributor with pull request privileges to inject compromised artifacts from an untrusted environment into trusted production environments without detection.
The vulnerability exploits a fundamental design flaw in the "first-to-cache wins" principle, where artifacts built in untrusted environments (feature branches, pull requests) can poison the cache used by trusted environments (protected branches, production deployments).
This attack bypasses all traditional security measures including encryption, access controls, and checksum validation because the poisoning occurs during the artifact construction phase, before any security measures are applied.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-829 - Inclusion of Functionality from Untrusted Control Sphere
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://nx.app/files/cve-2025-06 |
Impacted products
7 products
| Vendor | Product | Version | |
|---|---|---|---|
| Niklas Portmann | Azure Based Remote Cache Plugin for Nx |
Affected:
0
(semver)
cpe:2.3:a:niklas_portmann:nx-remotecache-azure:0:*:*:*:*:*:*:* |
|
| Niklas Portmann | Minio Based Remote Cache Plugin for Nx |
Affected:
0
(semver)
cpe:2.3:a:niklas_portmann:nx-remotecache-minio:0:*:*:*:*:*:*:* |
|
| Niklas Portmann | Nx Remote Cache Utilities |
Affected:
0
(semver)
cpe:2.3:a:niklas_portmann:nx-remotecache-custom:0:*:*:*:*:*:*:* |
|
| Nx | AWS S3 Remote Cache Plugin for Nx |
Affected:
0
(semver)
cpe:2.3:a:nx:s3-cache:0:*:*:*:*:*:*:* |
|
| Nx | GCS Remote Cache Plugin for Nx |
Affected:
0
(semver)
cpe:2.3:a:nx:gcs-cache:0:*:*:*:*:*:*:* |
|
| Nx | Azure Blob Remote Cache Plugin for Nx |
Affected:
0
(semver)
cpe:2.3:a:nx:azure-cache:0:*:*:*:*:*:*:* |
|
| Nx | Shared File System Cache Plugin for Nx |
Affected:
0
(semver)
cpe:2.3:a:nx:shared-fs-cache:0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-36852",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-10T20:12:14.201636Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-10T20:12:58.460Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://registry.npmjs.org",
"cpes": [
"cpe:2.3:a:niklas_portmann:nx-remotecache-azure:0:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"packageName": "nx-remotecache-azure",
"product": "Azure Based Remote Cache Plugin for Nx",
"repo": "https://github.com/NiklasPor/nx-remotecache-azure",
"vendor": "Niklas Portmann",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://registry.npmjs.org",
"cpes": [
"cpe:2.3:a:niklas_portmann:nx-remotecache-minio:0:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"packageName": "nx-remotecache-minio",
"product": "Minio Based Remote Cache Plugin for Nx",
"repo": "https://github.com/NiklasPor/nx-remotecache-minio",
"vendor": "Niklas Portmann",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://registry.npmjs.org",
"cpes": [
"cpe:2.3:a:niklas_portmann:nx-remotecache-custom:0:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"packageName": "nx-remotecache-custom",
"product": "Nx Remote Cache Utilities",
"repo": "https://github.com/NiklasPor/nx-remotecache-custom",
"vendor": "Niklas Portmann",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://registry.npmjs.org",
"cpes": [
"cpe:2.3:a:nx:s3-cache:0:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"packageName": "@nx/s3-cache",
"product": "AWS S3 Remote Cache Plugin for Nx",
"vendor": "Nx",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://registry.npmjs.org",
"cpes": [
"cpe:2.3:a:nx:gcs-cache:0:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"packageName": "@nx/gcs-cache",
"product": "GCS Remote Cache Plugin for Nx",
"vendor": "Nx",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://registry.npmjs.org",
"cpes": [
"cpe:2.3:a:nx:azure-cache:0:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"packageName": "@nx/azure-cache",
"product": "Azure Blob Remote Cache Plugin for Nx",
"vendor": "Nx",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://registry.npmjs.org",
"cpes": [
"cpe:2.3:a:nx:shared-fs-cache:0:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"packageName": "@nx/shared-fs-cache",
"product": "Shared File System Cache Plugin for Nx",
"vendor": "Nx",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cspan style=\"background-color: transparent;\"\u003eA critical security vulnerability exists in \u003cb\u003eremote cache extensions\u003c/b\u003e for common build systems utilizing bucket-based remote cache (such as those using Amazon S3, Google Cloud Storage, or similar object storage) that allows any contributor with pull request privileges to inject compromised artifacts from an untrusted environment into trusted production environments without detection.\u0026nbsp;\u003c/span\u003e\u003c/div\u003e\u003cdiv\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u003cbr\u003e\u003c/span\u003e\u003c/div\u003e\u003cdiv\u003e\u003cspan style=\"background-color: transparent;\"\u003eThe vulnerability exploits a fundamental design flaw in the \"first-to-cache wins\" principle, where artifacts built in untrusted environments (feature branches, pull requests) can poison the cache used by trusted environments (protected branches, production deployments).\u0026nbsp;\u003c/span\u003e\u003c/div\u003e\u003cdiv\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u003cbr\u003e\u003c/span\u003e\u003c/div\u003e\u003cdiv\u003e\u003cspan style=\"background-color: transparent;\"\u003eThis attack bypasses all traditional security measures including encryption, access controls, and checksum validation because the poisoning occurs during the artifact construction phase, before any security measures are applied.\u003c/span\u003e\u003c/div\u003e"
}
],
"value": "A critical security vulnerability exists in remote cache extensions for common build systems utilizing bucket-based remote cache (such as those using Amazon S3, Google Cloud Storage, or similar object storage) that allows any contributor with pull request privileges to inject compromised artifacts from an untrusted environment into trusted production environments without detection.\u00a0\n\n\n\n\nThe vulnerability exploits a fundamental design flaw in the \"first-to-cache wins\" principle, where artifacts built in untrusted environments (feature branches, pull requests) can poison the cache used by trusted environments (protected branches, production deployments).\u00a0\n\n\n\n\nThis attack bypasses all traditional security measures including encryption, access controls, and checksum validation because the poisoning occurs during the artifact construction phase, before any security measures are applied."
}
],
"impacts": [
{
"capecId": "CAPEC-141",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-141 Cache Poisoning"
}
]
},
{
"capecId": "CAPEC-554",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-554 Functionality Bypass"
}
]
},
{
"capecId": "CAPEC-438",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-438 Modification During Manufacture"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "PRESENT",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"privilegesRequired": "LOW",
"providerUrgency": "RED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:P/AU:Y/R:U/V:C/RE:M/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-829",
"description": "CWE-829 Inclusion of Functionality from Untrusted Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-10T21:35:37.274Z",
"orgId": "36c7be3b-2937-45df-85ea-ca7133ea542c",
"shortName": "HeroDevs"
},
"references": [
{
"url": "https://nx.app/files/cve-2025-06"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Build Cache Poisoning via Untrusted Pull Requests",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "36c7be3b-2937-45df-85ea-ca7133ea542c",
"assignerShortName": "HeroDevs",
"cveId": "CVE-2025-36852",
"datePublished": "2025-06-10T19:23:33.956Z",
"dateReserved": "2025-04-15T23:50:31.198Z",
"dateUpdated": "2025-06-10T21:35:37.274Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2199 (GCVE-0-2007-2199)
Vulnerability from cvelistv5 – Published: 2007-04-24 20:00 – Updated: 2024-08-07 13:23
VLAI
Summary
PHP remote file inclusion vulnerability in lib/pcltar.lib.php (aka pcltar.php) in the PclTar module 1.3 and 1.3.1 for Vincent Blavet PhpConcept Library, as used in multiple products including (1) Joomla! 1.5.0 Beta, (2) N/X Web Content Management System (WCMS) 4.5, (3) CJG EXPLORER PRO 3.3, and (4) phpSiteBackup 0.1, allows remote attackers to execute arbitrary PHP code via a URL in the g_pcltar_lib_dir parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
18 references
Date Public
2007-04-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:23:51.031Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25230"
},
{
"name": "23613",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23613"
},
{
"name": "23708",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23708"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.hackers.ir/advisories/joomla.html"
},
{
"name": "3781",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3781"
},
{
"name": "phpsitebackup-pcltarlib-file-include(35092)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35092"
},
{
"name": "4111",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4111"
},
{
"name": "20070514 shared code incolving pcltar.lib.php/g_pcltar_lib_dir RFI",
"tags": [
"mailing-list",
"x_refsource_VIM",
"x_transferred"
],
"url": "http://www.attrition.org/pipermail/vim/2007-May/001618.html"
},
{
"name": "ADV-2007-1511",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1511"
},
{
"name": "25528",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25528"
},
{
"name": "20070904 Re: Multiple vulnerabilities in Joomla 1.5 RC 1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/478503/100/0/threaded"
},
{
"name": "36009",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36009"
},
{
"name": "cjgexplorerpro-pcltarpcltrace-file-include(34273)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34273"
},
{
"name": "3915",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3915"
},
{
"name": "joomla-pcltar-file-include(33837)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33837"
},
{
"name": "24660",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24660"
},
{
"name": "34803",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/34803"
},
{
"name": "20070423 Remote file inclusion in Joomla 1.5.0 Beta",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/466687/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in lib/pcltar.lib.php (aka pcltar.php) in the PclTar module 1.3 and 1.3.1 for Vincent Blavet PhpConcept Library, as used in multiple products including (1) Joomla! 1.5.0 Beta, (2) N/X Web Content Management System (WCMS) 4.5, (3) CJG EXPLORER PRO 3.3, and (4) phpSiteBackup 0.1, allows remote attackers to execute arbitrary PHP code via a URL in the g_pcltar_lib_dir parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25230"
},
{
"name": "23613",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23613"
},
{
"name": "23708",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23708"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.hackers.ir/advisories/joomla.html"
},
{
"name": "3781",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3781"
},
{
"name": "phpsitebackup-pcltarlib-file-include(35092)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35092"
},
{
"name": "4111",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4111"
},
{
"name": "20070514 shared code incolving pcltar.lib.php/g_pcltar_lib_dir RFI",
"tags": [
"mailing-list",
"x_refsource_VIM"
],
"url": "http://www.attrition.org/pipermail/vim/2007-May/001618.html"
},
{
"name": "ADV-2007-1511",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1511"
},
{
"name": "25528",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25528"
},
{
"name": "20070904 Re: Multiple vulnerabilities in Joomla 1.5 RC 1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/478503/100/0/threaded"
},
{
"name": "36009",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36009"
},
{
"name": "cjgexplorerpro-pcltarpcltrace-file-include(34273)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34273"
},
{
"name": "3915",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3915"
},
{
"name": "joomla-pcltar-file-include(33837)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33837"
},
{
"name": "24660",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24660"
},
{
"name": "34803",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/34803"
},
{
"name": "20070423 Remote file inclusion in Joomla 1.5.0 Beta",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/466687/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2199",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in lib/pcltar.lib.php (aka pcltar.php) in the PclTar module 1.3 and 1.3.1 for Vincent Blavet PhpConcept Library, as used in multiple products including (1) Joomla! 1.5.0 Beta, (2) N/X Web Content Management System (WCMS) 4.5, (3) CJG EXPLORER PRO 3.3, and (4) phpSiteBackup 0.1, allows remote attackers to execute arbitrary PHP code via a URL in the g_pcltar_lib_dir parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25230",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25230"
},
{
"name": "23613",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23613"
},
{
"name": "23708",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23708"
},
{
"name": "http://www.hackers.ir/advisories/joomla.html",
"refsource": "MISC",
"url": "http://www.hackers.ir/advisories/joomla.html"
},
{
"name": "3781",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3781"
},
{
"name": "phpsitebackup-pcltarlib-file-include(35092)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35092"
},
{
"name": "4111",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4111"
},
{
"name": "20070514 shared code incolving pcltar.lib.php/g_pcltar_lib_dir RFI",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2007-May/001618.html"
},
{
"name": "ADV-2007-1511",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1511"
},
{
"name": "25528",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25528"
},
{
"name": "20070904 Re: Multiple vulnerabilities in Joomla 1.5 RC 1",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/478503/100/0/threaded"
},
{
"name": "36009",
"refsource": "OSVDB",
"url": "http://osvdb.org/36009"
},
{
"name": "cjgexplorerpro-pcltarpcltrace-file-include(34273)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34273"
},
{
"name": "3915",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3915"
},
{
"name": "joomla-pcltar-file-include(33837)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33837"
},
{
"name": "24660",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24660"
},
{
"name": "34803",
"refsource": "OSVDB",
"url": "http://osvdb.org/34803"
},
{
"name": "20070423 Remote file inclusion in Joomla 1.5.0 Beta",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/466687/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2199",
"datePublished": "2007-04-24T20:00:00.000Z",
"dateReserved": "2007-04-24T00:00:00.000Z",
"dateUpdated": "2024-08-07T13:23:51.031Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5625 (GCVE-0-2006-5625)
Vulnerability from cvelistv5 – Published: 2006-10-31 20:00 – Updated: 2024-08-07 19:55
VLAI
Summary
PHP remote file inclusion vulnerability in wwwdev/nxheader.inc.php in N/X 2002 Professional Edition Web Content Management System (WCMS) 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the c[path] parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/2659 | exploitx_refsource_EXPLOIT-DB |
| http://secunia.com/advisories/22627 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2006/4227 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/20773 | vdb-entryx_refsource_BID |
Date Public
2006-10-27 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:55:54.121Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2659",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/2659"
},
{
"name": "22627",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22627"
},
{
"name": "ADV-2006-4227",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4227"
},
{
"name": "20773",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20773"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in wwwdev/nxheader.inc.php in N/X 2002 Professional Edition Web Content Management System (WCMS) 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the c[path] parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T16:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2659",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/2659"
},
{
"name": "22627",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22627"
},
{
"name": "ADV-2006-4227",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4227"
},
{
"name": "20773",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20773"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5625",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in wwwdev/nxheader.inc.php in N/X 2002 Professional Edition Web Content Management System (WCMS) 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the c[path] parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2659",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2659"
},
{
"name": "22627",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22627"
},
{
"name": "ADV-2006-4227",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4227"
},
{
"name": "20773",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20773"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5625",
"datePublished": "2006-10-31T20:00:00.000Z",
"dateReserved": "2006-10-31T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:55:54.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1251 (GCVE-0-2003-1251)
Vulnerability from cvelistv5 – Published: 2005-11-16 07:37 – Updated: 2024-08-08 02:19
VLAI
Summary
The (1) menu.inc.php, (2) datasets.php and (3) mass_operations.inc.php (mistakenly referred to as mass_opeations.inc.php) scripts in N/X 2002 allow remote attackers to execute arbitrary PHP code via a c_path that references a URL on a remote web server that contains the code.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.iss.net/security_center/static/10969.php | vdb-entryx_refsource_XF |
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/6500 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/7808 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2003-01-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:19:45.963Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "nx-file-include(10969)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10969.php"
},
{
"name": "20030102 N/X (PHP)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-01/0005.html"
},
{
"name": "6500",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6500"
},
{
"name": "7808",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/7808"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-01-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The (1) menu.inc.php, (2) datasets.php and (3) mass_operations.inc.php (mistakenly referred to as mass_opeations.inc.php) scripts in N/X 2002 allow remote attackers to execute arbitrary PHP code via a c_path that references a URL on a remote web server that contains the code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-02-12T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "nx-file-include(10969)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10969.php"
},
{
"name": "20030102 N/X (PHP)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-01/0005.html"
},
{
"name": "6500",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6500"
},
{
"name": "7808",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/7808"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1251",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The (1) menu.inc.php, (2) datasets.php and (3) mass_operations.inc.php (mistakenly referred to as mass_opeations.inc.php) scripts in N/X 2002 allow remote attackers to execute arbitrary PHP code via a c_path that references a URL on a remote web server that contains the code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "nx-file-include(10969)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10969.php"
},
{
"name": "20030102 N/X (PHP)",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-01/0005.html"
},
{
"name": "6500",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6500"
},
{
"name": "7808",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/7808"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1251",
"datePublished": "2005-11-16T07:37:00.000Z",
"dateReserved": "2005-11-16T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:19:45.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}