CVE-2006-5209

PHP remote file inclusion vulnerability in admin/admintopicactionlogging.php in Admin Topic Action Logging Mod 0.95 and earlier, as used in phpBB 2.0 up to 2.0.21, allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

vtiger -- multiple remote file inclusion vulnerabilities

Dedi Dwianto a.k.a theday reports: Input passed to the "$calpath" parameter in update.php is not properly verified before being used. This can be exploited to execute arbitrary PHP code by including files from local or external resources...

OpenDock Easy Gallery <= 1.4 (doc_directory) File Include Vulnerabilities

No description provided by source. ECHOADV52$2006 ----------------------------------------------------------------------------------------------- ECHOADV52$2006OpenDock Easy Gallery =1.4 docdirectory Multiple Remote File Inclusion Vulnerability...

OpenDock Easy Blog <=1.4 (doc_directory) File Include Vulnerabilities

Exploit for unknown platform in category web applications ===================================================================== OpenDock Easy Blog =1.4 docdirectory File Include Vulnerabilities ===================================================================== ECHOADV50$2006...

OpenDock Easy Doc &lt;=1.4 (doc_directory) File Include Vulnerabilities

No description provided by source. ECHOADV49$2006 ----------------------------------------------------------------------------------------------- ECHOADV49$2006OpenDock Easy Doc =1.4 docdirectory Multiple Remote File Inclusion Vulnerability...

FreeBSD : phpbb -- NULL byte injection vulnerability (86526ba4-53c8-11db-8f1a-000a48049292)

Secunia reports : ShAnKaR has discovered a vulnerability in phpBB, which can be exploited by malicious users to compromise a vulnerable system. Input passed to the 'avatarpath' parameter in admin/adminboard.php is not properly sanitised before being used as a configuration variable to store avata...

CVE-2006-5126

PHP remote file inclusion vulnerability in index.php in John Himmelman aka DaRk2k1 PowerPortal 1.3a allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter...

CVE-2006-5093

PHP remote file inclusion vulnerability in index.php in Tagmin Control Center in TagIt! Tagboard 2.1.B Build 2 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter...

CVE-2006-5095

PHP remote file inclusion vulnerability in index.php in MyPhotos 0.1.3b beta allows remote attackers to execute arbitrary PHP code via the includesdir parameter. NOTE: this issue is disputed by CVE on 20060927, since the includesdir is defined before being used when the product is installed...

CVE-2006-5077

PHP remote file inclusion vulnerability in admin/admintopicactionlogging.php in Chris Smith Minerva Build 238 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

CVE-2006-5085

Static code injection vulnerability in config.php in Blog Pixel Motion 2.1.1 allows remote attackers to execute arbitrary PHP code via the nomblog parameter, which is injected into include/variables.php...

CVE-2006-5021

Multiple PHP remote file inclusion vulnerabilities in redgun RedBLoG 0.5 allow remote attackers to execute arbitrary PHP code via a URL in 1 the root parameter in imgen.php, and the rootpath parameter in 2 admin/config.php, 3 common.php, and 4 admin/index.php. NOTE: the provenance of this...

CVE-2006-4946

PHP remote file inclusion vulnerability in include/startup.inc.php in CMSDevelopment Business Card Web Builder BCWB 0.99, and possibly 2.5 Beta and earlier, allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter...

phpQuestionnaire 3.12 (phpQRootDir) Remote File Include Vulnerability

Exploit for unknown platform in category web applications ===================================================================== phpQuestionnaire 3.12 phpQRootDir Remote File Include Vulnerability ===================================================================== SolpotCrew Community...

CVE-2006-4826

PHP remote file inclusion vulnerability in bottom.php in Shadowed Portal 5.599 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter...

Limbo CMS &lt;= 1.0.4.2L (com_contact) Remote Code Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? printr' ----------------------------------------------------------------------------- Limbo = 1.0.4.2L "comcontact" remote commands execution exploit by rgod [email protected] site: http://retrogod.altervista.org dorks:...

CVE-2006-4437

The provided documents confirm CVE-2006-4437 in Tagger LE: an eval() injection vulnerability that allows remote attackers to execute arbitrary PHP code via crafted query string parameters in tags.php, sign.php, and admin/index.php. The root cause is unsanitised input being used directly inside an...

CVE-2006-4780

PHP remote file inclusion vulnerability in includes/functions.php in phpBB XS 0.58 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

phpQuiz 0.1 (pagename) Remote File Include Vulnerability

No description provided by source. SolpotCrew Community phpQuiz v0.01 design and coding byJule Slootbeek pagename Remote File Inclusion Download file : http://www.furor-normannicus.de/phpQuiz/download/phpQuiz.zip Bug Found By :Solpot a.k.a k. Hasibuan 14-09-2006 contact: [email protected]...

phpQuiz v0.01 design and coding byJule Slootbeek &#40;pagename&#41; Remote File Inclusion

SolpotCrew Community phpQuiz v0.01 design and coding byJule Slootbeek pagename Remote File Inclusion Download file : http://www.furor-normannicus.de/phpQuiz/download/phpQuiz.zip Bug Found By :Solpot a.k.a k. Hasibuan 14-09-2006 contact: [email protected] Website :...