CVE-2006-5419

PHP remote file inclusion vulnerability in client.php in University of Glasgow Specimen Image Database SID, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter...

CVE-2006-5421

WSN Forum 1.3.4 and earlier allows remote attackers to execute arbitrary PHP code via a modified pathname in the pathtoconfig parameter that points to an avatar image that contains PHP code, which is then accessed from prestart.php. NOTE: this issue has been labeled remote file inclusion, but tha...

[ECHO_ADV_46$2006] P-Book <= 1.17 (pb_lang) Remote File Inclusion

ECHOADV56$2006 ------------------------------------------------------------------------ ----- ECHOADV46$2006 P-Book = 1.17 pblang Remote File Inclusion ------------------------------------------------------------------------ ------ Author : Ahmad Maulana a.k.a Matdhule Date Found : October, 18th...

CVE-2006-5402

Multiple PHP remote file inclusion vulnerabilities in PHPmybibli 3.0.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the 1 classpath, 2 javascriptpath, and 3 includepath parameters in a cart.php; the 4 classpath parameter in b index.php; the 5 javascriptpath...

CVE-2006-5384

PHP remote file inclusion vulnerability in modification/SendAlertEmail.php in CDS Software Consortium CDS Agenda 4.2.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AGE parameter...

CVE-2006-5384

PHP remote file inclusion vulnerability in modification/SendAlertEmail.php in CDS Software Consortium CDS Agenda 4.2.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AGE parameter...

CVE-2006-5380

Remote file inclusion vulnerability in Contenido CMS allows remote attackers to execute arbitrary PHP code via a URL in the contenidopath parameter to 1 cms/dbfs.php or 2 cms/frontcontent.php. NOTE: CVE disputes this issue for version 4.6.15, because $contenidopath is set to a static value...

CVE-2006-5315

PHP remote file inclusion vulnerability in main.php in registroTL allows remote attackers to execute arbitrary PHP code via an ftp:// URL in the page parameter...

CVE-2006-5291

PHP remote file inclusion vulnerability in admin/includes/spaw/spawcontrol.class.php in Download-Engine 1.4.2 allows remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter. NOTE: CVE analysis suggests that this issue is actually in a third party product, SPAW Editor PH...

OpenDock FullCore <= 4.4 Remote File Include Vulnerabilities

No description provided by source. --------------------------------------------------------------------------------- OpenDock FullCore = v4.4 Remote File Include Vulnerabilities --------------------------------------------------------------------------------- Author : Matdhule Contact :...

EUVD-2006-5267

Multiple PHP remote file inclusion vulnerabilities in SH-News 3.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the scriptpath parameter to 1 report.php, 2 archive.php, 3 comments.php, 4 init.php, or 5 news.php...

CVE-2006-5283

PHP remote file inclusion vulnerability in ftag.php in Minichat 6.0 allows remote attackers to execute arbitrary PHP code via a URL in the mostrar parameter...

CVE-2006-5253

PHP remote file inclusion vulnerability in strload.php in Dayana Networks phpOnline aka PHP-Online 2.1 allows remote attackers to execute arbitrary PHP code via a URL in the LangFile parameter...

CVE-2006-5254

PHP remote file inclusion vulnerability in registrationdetailed.inc.php in Mark Van Bellen Detailed User Registration comregistrationdetailed, aka regdetailed, 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

CVE-2006-5251

PHP remote file inclusion vulnerability in index.php in Deep CMS 2.0a allows remote attackers to execute arbitrary PHP code via a URL in the ConfigDir parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information...

CVE-2006-5253

PHP remote file inclusion vulnerability in strload.php in Dayana Networks phpOnline aka PHP-Online 2.1 allows remote attackers to execute arbitrary PHP code via a URL in the LangFile parameter...

CVE-2006-5240

The CVE refers to a PHP remote file inclusion in Docmint 2.0 and earlier, specifically in engine/require.php. The vulnerability requires register_globals to be enabled and allows remote code execution by supplying a URL in the MY_ENV[BASE_ENGINE_LOC] parameter. This is documented across sources (...

Update Protection against CBSMS Mambo Module Remote File Vulnerabilities

CBSMS Module for Mambo, an Open Source Content Management System, is prone to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to execute arbitrary PHP code on an affected system...

CVE-2006-5223

PHP remote file inclusion vulnerability in includes/functionsuserviewedposts.php in the Nivisec User Viewed Posts Tracker module 1.0 and earlier for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

CVE-2006-5181

Multiple PHP remote file inclusion vulnerabilities in Joshua Muheim phpMyWebmin 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the target parameter in 1 changepreferences2.php, 2 createfile.php, 3 uploadlocal.php, and 4 uploadmulti.php, different vectors than CVE-2006-5124...