4 matches found
CVE-2006-1346
Directory traversal vulnerability in inc/setLang.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a langfile parameter, as demonstrated by injecting PHP sequences into an Apache accesslog file...
CVE-2006-1292
CVE-2006-1292 is a directory-traversal vulnerability in PHP iCalendar 2.21 and earlier. An attacker can cause local file inclusion and remote code execution by manipulating cookies phpicalendar[cookie_language] and phpicalendar[cookie_style] (with a NUL/%00) so that PHP sequences injected into an...
CVE-2006-1243
Directory traversal vulnerability in install05.php in Simple PHP Blog SPB 0.4.7.1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL %00 character in the bloglanguage parameter, as demonstrated by injecting PHP sequences in...
CVE-2006-1243
Directory traversal vulnerability in install05.php in Simple PHP Blog SPB 0.4.7.1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL %00 character in the bloglanguage parameter, as demonstrated by injecting PHP sequences in...