1622 matches found
CVE-2008-5906
Eval injection vulnerability in the web interface plugin in KTorrent before 3.1.4 allows remote attackers to execute arbitrary PHP code via unspecified parameters to this interface's PHP scripts...
CVE-2009-0103
Multiple PHP remote file inclusion vulnerabilities in playSMS 0.9.3 allow remote attackers to execute arbitrary PHP code via a URL in the 1 appspathplug parameter to plugin/gateway/gnokii/init.php, the 2 appspaththemes parameter to plugin/themes/default/init.php, and the 3 appspathlibs parameter ...
CVE-2008-5792
PHP remote file inclusion vulnerability in showjoined.php in Indiscripts Enthusiast 3.1.4, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. NOTE: the researcher also points out the analogous directory traversal issue...
CVE-2008-5789
Multiple PHP remote file inclusion vulnerabilities in the Recly Interactive Feederator comfeederator component 1.0.5 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the 1 mosConfigabsolutepath parameter to a addtmsp.php, b edittmsp.php and c tmsp.php in includes/tmsp...
CVE-2008-5790
Multiple PHP remote file inclusion vulnerabilities in the Recly!Competitions comcompetitions component 1.0 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the 1 GLOBALSmosConfigabsolutepath parameter to a add.php and b competitions.php in includes/competitions/, and...
Remote file inclusion
PHP remote file inclusion vulnerability in calendar.php in WorkSimple 1.2.1, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter...
CVE-2008-5764
PHP remote file inclusion vulnerability in calendar.php in WorkSimple 1.2.1, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter...
Remote file inclusion
PHP remote file inclusion vulnerability in lib/jpgraph/jpgrapherrhandler.inc.php in Sandbox 1.4.1 might allow remote attackers to execute arbitrary PHP code via unspecified vectors. NOTE: the issue, if any, may be located in Aditus JpGraph rather than Sandbox. If so, then this should not be treat...
CVE-2008-5334
PHP remote file inclusion vulnerability in includes/common.php in NitroTech 0.0.3a allows remote attackers to execute arbitrary PHP code via a URL in the root parameter...
Remote file inclusion
PHP remote file inclusion vulnerability in include/header.php in Werner Hilversum FAQ Manager 1.2, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the configpath parameter...
CVE-2008-5173
Unspecified vulnerability in testMaker before 3.0p16 allows remote authenticated users to execute arbitrary PHP code via unspecified attack vectors...
Remote file inclusion
PHP remote file inclusion vulnerability in layout/default/params.php in Boonex Orca 2.0 and 2.0.2, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the gConfdirlayouts parameter...
CVE-2008-5071
The CVE-2008-5071 issue affects Yoxel software (version 1.23beta and earlier) where itpm_estimate.php is vulnerable to multiple eval injection flaws. The underlying cause is eval-based code execution triggered by the proj_id parameter, allowing remote authenticated users to run arbitrary PHP code...
CVE-2008-5071
Multiple eval injection vulnerabilities in itpmestimate.php in Yoxel 1.23beta and earlier allow remote authenticated users to execute arbitrary PHP code via the projid parameter...
Remote file inclusion
PHP remote file inclusion vulnerability in upload/admin/frontpageright.php in Agares Media ThemeSiteScript 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter...
CVE-2008-5053
PHP remote file inclusion vulnerability in admin.rssreader.php in the Simple RSS Reader comrssreader 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfiglivesite parameter...
CVE-2008-5060
Multiple PHP remote file inclusion vulnerabilities in ModernBill 4.4 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the DIR parameter to 1 exportbatch.inc.php, 2 runautosuspend.cron.php, and 3 sendemailcache.php in include/scripts/; 4...
Remote file inclusion
PHP remote file inclusion vulnerability in Admin/ADMPagina.php in OTManager 2.4 allows remote attackers to execute arbitrary PHP code via a URL in the Tipo parameter...
CVE-2008-5053
PHP remote file inclusion vulnerability in admin.rssreader.php in the Simple RSS Reader comrssreader 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfiglivesite parameter...
CVE-2008-4811
The expandquotedtext function in libs/SmartyCompiler.class.php in Smarty 2.6.20 r2797 and earlier allows remote attackers to execute arbitrary PHP code via vectors related to templates and a \ backslash before a dollar-sign character...