2883 matches found
Remote file inclusion
PHP remote file include vulnerability in 1 include/templates/categories/default.php and 2 certain other include/templates/categories/ PHP scripts in Valdersoft Shopping Cart 3.0 allows remote attackers to execute arbitrary code via a URL in the catalogDocumentRoot parameter...
CVE-2006-0076
PHP remote file include vulnerability in forum.php in oaBoard 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the inc parameter...
Remote file inclusion
PHP remote file include vulnerability in forum.php in oaBoard 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the inc parameter...
CVE-2006-0064
PHP remote file include vulnerability in includes/orderSuccess.inc.php in CubeCart allows remote attackers to execute arbitrary PHP code via a URL in the globrootDir parameter...
CVE-2006-0064
PHP remote file include vulnerability in includes/orderSuccess.inc.php in CubeCart allows remote attackers to execute arbitrary PHP code via a URL in the globrootDir parameter...
CVE-2005-4439
Removed by vendor...
CVE-2005-4206
Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to redirect users to other URLs and conduct phishing attacks via a modified url parameter to frameset.jsp, which loads the URL into a frame and causes it to...
CVE-2005-3955
Multiple cross-site scripting XSS vulnerabilities in MagpieRSS 7.1, as used in a blogBuddiesv 0.3, b Jaws 0.6.2, and possibly other products, allow remote attackers to inject arbitrary web script or HTML via the 1 url parameter to a magpiedebug.php and 2 rssurl parameter to b magpieslashbox.php a...
RSA SecurID Web Agent for IIS redirect buffer overflow
Added: 11/30/2005 CVE: CVE-2005-4734 BID: 26424 OSVDB: 20151 Background RSA SecurID Web Agent for IIS provides access control for IIS web servers using one-time authentication tokens. Problem A buffer overflow in IISWebAgentIF.dll could allow a remote attacker to execute arbitrary commands using ...
CVE-2005-3859
PHP remote file inclusion vulnerability in q-news.php in Q-News 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the id parameter...
CVE-2005-3775
PHP remote file inclusion vulnerability in pollvote.php in PollVote allows remote attackers to include arbitrary files via a URL in the pollname parameter...
CVE-2005-3775
PHP remote file inclusion vulnerability in pollvote.php in PollVote allows remote attackers to include arbitrary files via a URL in the pollname parameter...
CVE-2002-1702
Cross-site scripting vulnerability XSS in DeltaScripts PHP Classifieds 6.0.5 allows remote attackers to execute arbitrary script as other users via the URL parameter...
CVE-2005-1965
PHP remote file inclusion vulnerability in siteframe.php for Broadpool Siteframe allows remote attackers to execute arbitrary code via a URL in the LOCALPATH parameter...
CVE-2004-1710
page.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the url parameter...
CVE-2005-0103
PHP remote file inclusion vulnerability in webmail.php in SquirrelMail before 1.4.4 allows remote attackers to execute arbitrary PHP code by modifying a URL parameter to reference a URL on a remote web server that contains the code...
CVE-2004-1710
page.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the url parameter...
CVE-2004-0705
CVE-2004-0705 affects Bugzilla 2.16.x before 2.16.6 and Bugzilla 2.18 before 2.18rc1. The issue is multiple cross-site scripting (XSS) vulnerabilities in six CGI scripts (editcomponents.cgi, editgroups.cgi, editmilestones.cgi, editproducts.cgi, editusers.cgi, editversions.cgi) that allow remote a...
Choutcast buffer overflow
Buffer overflow on oversized icy-name and icy-url parameters...
Hosting Controller 1.x - DSNManager Directory Traversal
Hosting Controller 1.x - DSNManager Directory Traversal source: https://www.securityfocus.com/bid/4759/info Hosting Controller is an application which consolidates all hosting tasks into one interface. Hosting Controller runs on Microsoft Windows operating systems. The DSNManager script does not...