Arbitrary Code Injection

Overview craftcms/cms is a content management system. Affected versions of this package are vulnerable to Arbitrary Code Injection via the absolutePath function, due to missing path normalization, by executing a twig SSTI template. Remediation Upgrade craftcms/cms to version 4.12.2, 5.4.3 or...

EUVD-2006-2979

Multiple PHP remote file inclusion vulnerabilities in Enterprise Timesheet and Payroll Systems EPS 1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter in 1 footer.php and 2 admin/footer.php...

Enterprise Payroll Systems <= 1.1 (footer) Remote Include Vulnerability

No description provided by source. $$$$$$$$$$$$$$$ DEVIL TEAM THE BEST POLISH TEAM $$$$$$$$$$$$$$$ $$ $$ Enterprise TimeSheet and Payroll EPS = v.1.1 Remote File Include Vulnerability $$ Script site: http://epayroll.sourceforge.net/ $$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$...

CVE-2005-2633

Multiple PHP file inclusion vulnerabilities in 1 admino.php, 2 boardo.php, 3 devo.php, 4 fileo.php or 5 techo.php in PHPTB Topic Board 2.0 and earlier allow remote attackers to execute arbitrary PHP code via the absolutepath parameter...

CVE-2005-2633

Multiple PHP file inclusion vulnerabilities in PHPTB Topic Board 2.0 and earlier affect the following scripts: admin_o.php, board_o.php, dev_o.php, file_o.php, and tech_o.php. The root cause is unsafely handling the absolutepath parameter, enabling remote attackers to execute arbitrary PHP code. ...