Remote file inclusion

PHP remote file inclusion vulnerability in example.php in Thomas Gossmann ScorpNews 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the site parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in includes/functions.php in Quate Grape Web Statistics 0.2a allows remote attackers to execute arbitrary PHP code via a URL in the location parameter...

CVE-2008-1893

PHP remote file inclusion vulnerability in index.php in W2B Online Banking allows remote attackers to execute arbitrary PHP code via a URL in the ilang parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in includes/header.inc.php in Dragoon 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the root parameter...

CVE-2008-1776

CVE-2008-1776 is a PHP remote file inclusion vulnerability in PhpBlock A8.4 where an attacker can cause arbitrary PHP code execution via a URL supplied to PATH_TO_CODE in modules/basicfog/basicfogfactory.class.php. Multiple sources (NVD entries and related records) confirm the vulnerable file and...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in W-Agora 4.0 allow remote attackers to execute arbitrary PHP code via a URL in the bndirdefault parameter to 1 adduser.php, 2 createforum.php, 3 createuser.php, 4 deletenotes.php, 5 deleteuser.php, 6 editforum.php, 7 mailusers.php, 8...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in PHPauction GPL 2.51 allow remote attackers to execute arbitrary PHP code via a URL in the includepath parameter to 1 converter.inc.php, 2 messages.inc.php, and 3 settings.inc.php in includes/...

CVE-2008-1405

PHP remote file inclusion vulnerability in code/display.php in fuzzylime cms 3.01 allows remote attackers to execute arbitrary PHP code via a URL in the admindir parameter...

CVE-2008-1124

Multiple PHP remote file inclusion vulnerabilities in Podcast Generator 1.0 BETA 2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absoluteurl parameter to 1 components/xmlparser/loadparser.php; 2 admin.php, 3 categories.php, 4 categoriesadd.php, 5...

CVE-2008-1067

Multiple PHP remote file inclusion vulnerabilities in phpQLAdmin 2.2.7 allow remote attackers to execute arbitrary PHP code via a URL in the SESSIONpath parameter to 1 ezmlm.php and 2 tools/updatetranslations.php...

CVE-2008-1059

PHP remote file inclusion vulnerability in modules/syntaxhighlight.php in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the libpath parameter...

Sql injection

Eval injection vulnerability in modules/execute.php in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allows remote attackers to execute arbitrary PHP code via the text parameter...

CVE-2008-1060

Eval injection vulnerability in modules/execute.php in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allows remote attackers to execute arbitrary PHP code via the text parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in membershelp.php in Joovili 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the hlp parameter...

CVE-2008-0743

PHP remote file inclusion vulnerability in membershelp.php in Joovili 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the hlp parameter...

CVE-2008-0572

Multiple PHP remote file inclusion vulnerabilities in Mindmeld 1.2.0.10 allow remote attackers to execute arbitrary PHP code via a URL in the MMGLOBALShome parameter to 1 acweb/adminindex.php; and 2 ask.inc.php, 3 learn.inc.php, 4 manage.inc.php, 5 mind.inc.php, and 6 sensory.inc.php in include/...

CVE-2008-0503

Eval injection vulnerability in admin/op/disp.php in Netwerk Smart Publisher 1.0.1 allows remote attackers to execute arbitrary PHP code via the filedata parameter...

SQLiteManager confirm.php spaw_root Parameter Remote File Inclusion

The remote host is running SQLiteManager, a web-based application for managing SQLite databases. The version of SQLiteManager installed on the remote host fails to sanitize user-supplied input to the 'spawroot' parameter of the 'spaw/dialogs/confirm.php' script before using it to include PHP code...

CVE-2008-0287

PHP remote file inclusion vulnerability in VisionBurst vcart 3.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter to 1 index.php and 2 checkout.php...

Remote file inclusion

PHP remote file inclusion vulnerability in VisionBurst vcart 3.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter to 1 index.php and 2 checkout.php...