CVE-2007-2969

PHP remote file inclusion vulnerability in newsletter.php in WAnewsletter 2.1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the waroot parameter...

CVE-2007-2939

Maven/Mazen’s PHP Chat 3.0.0 is affected by multiple PHP remote file inclusion vulnerabilities. The issue arises when an attacker can supply a URL via the basepath parameter to include/pear/ITX.php, IT_Error.php, or IT.php, enabling remote code execution on the server. The CVE-2007-2939 entry doc...

CVE-2007-2899

Direct static code injection vulnerability in adminconfig.php in NavBoard 2.6.0 allows remote attackers to inject arbitrary PHP code into data/config.php via multiple parameters, as demonstrated via the threadperpage parameter in an editconfig action...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in PHPGlossar 0.8 allow remote attackers to execute arbitrary PHP code via a URL in the formatmenue parameter to 1 admin/inc/changeaction.php or 2 admin/inc/add.php...

CVE-2007-2679

Summary: CVE-2007-2679 is a PHP file inclusion vulnerability in Ivan Peevski gallery 0.3 (Simple PHP Scripts, sPHP). Affected component: index.php; vulnerability arises from using a user-supplied gallery parameter as input to file_exists, enabling inclusion of arbitrary PHP code through UNC or lo...

CVE-2007-2663

PHP remote file inclusion vulnerability in language/1/splash.lang.php in Beacon 0.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the languagePath parameter...

CVE-2007-2628

CVE-2007-2628 affects Justin Koivisto’s SecurityAdmin for PHP (PHPSecurityAdmin) v4.0.2. The vulnerability is a PHP remote file inclusion in include/logout.php that allows an attacker to execute arbitrary PHP code by supplying a URL via the PSA_PATH parameter. Documented impact is arbitrary code ...

Remote file inclusion

PHP remote file inclusion vulnerability in examples/widget8.php in phpHtmlLib 2.4.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phphtmllib parameter...

CVE-2007-2609

Multiple PHP remote file inclusion vulnerabilities in gnuedu 1.3b2 allow remote attackers to execute arbitrary PHP code via a URL in the a ETCDIR parameter to 1 libs/lom.php; 2 lomupdate.php, 3 check-lom.php, and 4 weighkeywords.php in scripts/; the b LIBSDIR parameter to 5 logout.php, 6 help.php...

EUVD-2007-2590

Multiple PHP remote file inclusion vulnerabilities in telltarget CMS 1.3.3 allow remote attackers to execute arbitrary PHP code via a URL in the 1 ordnertiefe parameter to siteconf.php; or the 2 ttdocroot parameter to a class.csv.php, b produktenachserie.php, or c refkdrubrik.php in functionen/; ...

CVE-2007-2575

PHP remote file inclusion vulnerability in watermark.php in the vm aka Jean-Francois Laflamme watermark 0.4.1 mod for Gallery allows remote attackers to execute arbitrary PHP code via a URL in the GALLERYBASEDIR parameter...

CVE-2007-2575

PHP remote file inclusion vulnerability in watermark.php in the vm aka Jean-Francois Laflamme watermark 0.4.1 mod for Gallery allows remote attackers to execute arbitrary PHP code via a URL in the GALLERYBASEDIR parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in phpMyChat.php3 in phpMyChat 0.14.5 allows remote attackers to execute arbitrary PHP code via a URL in the ChatPath parameter. NOTE: this has been disputed by multiple third parties and CVE because $ChatPath is set to a constant value...

WordPress WP Table Plugin <= 1.43 - Remote File Inclusion

Because of this vulnerability, the attackers can execute arbitrary PHP code via a URL in the "wpPATH" parameter. Solution Update the WordPress WP Table plugin to the latest available version at least 1.44...

Remote file inclusion

PHP remote file inclusion vulnerability in myfunctions/mygallerybrowser.php in the myGallery 1.4b4 and earlier plugin for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the myPath parameter...

CVE-2007-2426

PHP remote file inclusion vulnerability in myfunctions/mygallerybrowser.php in the myGallery 1.4b4 and earlier plugin for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the myPath parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in searchbot.php in Searchactivity allows remote attackers to execute arbitrary PHP code via a URL in the path parameter...

CVE-2007-2327

PHP remote file inclusion vulnerability in editor.php in HTMLeditbox 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the settingsappdir parameter...

CVE-2007-2325

PHP remote file inclusion vulnerability in include.php in MyNewsGroups : allows remote attackers to execute arbitrary PHP code via a URL in the myngroot parameter...

CVE-2007-2329

PHP remote file inclusion vulnerability in searchbot.php in Searchactivity allows remote attackers to execute arbitrary PHP code via a URL in the path parameter...