1622 matches found
PHP Event Calendar versi 1.4 (path_to_calendar) Remote File Inclusion
SolpotCrew Community PHP Event Calendar versi 1.4 pathtocalendar Remote File Inclusion Vendor site : http://www.softcomplex.com/products/phpeventcalendar/ Bug Found By :Solpot a.k.a k. Hasibuan 13th july 2006 contact: [email protected] Website : http://www.solpotcrew.org/adv/solpot-adv-01.t...
CVE-2006-3774
PHP remote file inclusion vulnerability in performs.php in the perForms component comperforms 1.0 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...
iManage CMS 4.0.12 - 'absolute_path' Remote File Inclusion
\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV40$2006 --------------------------------------------------------------------------------------------------- ECHOADV40$2006 iManage CMS = 4.0.12 absolutepath Remote File Inclusion...
iManage CMS <= 4.0.12 (absolute_path) Remote File Inclusion
Exploit for unknown platform in category web applications =========================================================== iManage CMS = 4.0.12 absolutepath Remote File Inclusion =========================================================== \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ /...
CVE-2006-3536
Direct static code injection vulnerability in code/classdbtext.php in EJ3 TOPo 2.2.178 and earlier allows remote attackers to execute arbitrary PHP code via parameters such as 1 descripcion and 2 pais, which are stored directly in a PHP script. NOTE: the provenance of this information is unknown;...
Mambo phpBB Component download.php phpbb_root_path Parameter Remote File Inclusion
The remote host is running the phpBB component for Mambo, a web-based bulletin board. The version of the phpBB component for Mambo installed on the remote host fails to sanitize input to the 'phpbbrootpath' parameter of the 'download.php' and other scripts before using it to include PHP code...
Ottoman CMS 1.1.3 - ?default_path Remote File Inclusion (2)
Ottoman CMS 1.1.3 - ?defaultpath Remote File Inclusion 2 !/usr/bin/perl use IO::Socket; Jacek Wlodarczyk j4ck - jacekwloatgmaildotcom Title: Ottoman CMS \r\n"; print "-...
Ottoman CMS <= 1.1.3 (default_path) Remote File Inclusion Exploit
Exploit for unknown platform in category web applications ================================================================= Ottoman CMS = 1.1.3 defaultpath Remote File Inclusion Exploit ================================================================= !/usr/bin/perl use IO::Socket; Jacek Wlodarcz...
Ottoman CMS 1.1.3 - '?default_path=' Remote File Inclusion (2)
!/usr/bin/perl use IO::Socket; Jacek Wlodarczyk j4ck - jacekwloatgmaildotcom Title: Ottoman CMS \r\n"; print "- - Victim's ta...
CVE-2006-3374
PHP remote file inclusion vulnerability in index.php in Randshop 1.2 and earlier, including 0.9.3, allows remote attackers to execute arbitrary PHP code via a URL in the incl parameter...
CVE-2006-3395
PHP remote file inclusion vulnerability in top.php in SiteBuilder-FX 3.5 allows remote attackers to execute arbitrary PHP code via a URL in the admindir parameter...
CVE-2006-3361
PHP remote file inclusion vulnerability in Stud.IP 1.3.0-2 and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via the 1 PHPLIBlibdir parameter in studip-phplib/oohforms.inc and 2 ABSOLUTEPATHSTUDIP parameter in studip-htdocs/archivassi.php...
CVE-2006-3381
SturGeoN Upload allows remote attackers to execute arbitrary PHP code by uploading a file with a .php extension, then directly accessing the file. NOTE: It is uncertain whether this is a vulnerability or a feature of the product...
StudIP1302.txt
/------------------------------------------------ IHS Public advisory -------------------------------------------------/ Stud.IP Remote File Inclusion Stud.IP is a learning and an information management system for universities, educational facilities and enterprises. http://www.studip.de...
CVE-2006-3173
Multiple PHP remote file inclusion vulnerabilities in ContentBuilder 0.7.5 allow remote attackers to execute arbitrary PHP code via a URL in the 1 pathcb parameter to a libraries/comment/postComment.php and b modules/poll/poll.php, 2 rel parameter to c modules/archive/overview.inc.php, and the 3...
CVE-2006-3102
Race condition in articles/BitArticle.php in Bitweaver 1.3, when run on Apache with the modmime extension, allows remote attackers to execute arbitrary PHP code by uploading arbitrary files with double extensions, which are stored for a small period of time under the webroot in the temp/articles...
CVE-2006-3019
Multiple PHP remote file inclusion vulnerabilities in phpCMS 1.2.1pl2 allow remote attackers to execute arbitrary PHP code via a URL in the PHPCMSINCLUDEPATH parameter to files in parser/include/ including 1 class.parserphpcms.php, 2 class.sessionphpcms.php, 3 class.editphpcms.php, 4...
CVE-2006-2908
The domecode function in inc/functionspost.php in MyBulletinBoard MyBB 1.1.2, and possibly other versions, allows remote attackers to execute arbitrary PHP code via the username field, which is used in a pregreplace function call with a /e executable modifier...
Remote file inclusion
PHP remote file inclusion vulnerability in includes/webdav/server.php in Bytehoard 2.1 Epsilon/Delta allows remote attackers to execute arbitrary PHP code via a URL in the bhconfigbhfilepath parameter...
Remote file inclusion
PHP remote file inclusion vulnerability in config.php in Rumble 1.02 allows remote attackers to execute arbitrary PHP code via a URL in the configArrpathtodir parameter...