CVE-2007-1795

JCcorp URLshrink 1.3.1 allows remote attackers to execute arbitrary PHP code via the email address field in an HTML link. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2007-1775

Unrestricted file upload vulnerability in upload.php3 in JBrowser 2.4 and earlier allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

Advanced Login <= 0.7 (root) Remote File Inclusion Vulnerability

No description provided by source. ------------------------------------------------------------------------------ Advanced Login = 0.7 root Remote File Inclusion Vulnerability ------------------------------------------------------------------------------ Author : Zeni Susanto a.k.a Bithedz Date...

Advanced Login 0.7 - root Remote File Inclusion

Advanced Login 0.7 - root Remote File Inclusion ------------------------------------------------------------------------------ Advanced Login = 0.7 root Remote File Inclusion Vulnerability ------------------------------------------------------------------------------ Author : Zeni Susanto a.k.a...

Advanced Login &lt;= 0.7 &#40;root&#41; Remote File Inclusion Vulnerability

------------------------------------------------------------------------------ Advanced Login = 0.7 root Remote File Inclusion Vulnerability ------------------------------------------------------------------------------ Author : Zeni Susanto a.k.a Bithedz Date Found : Maret, 29th 2007 Location :...

Advanced Login <= 0.7 (root) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================ Advanced Login = 0.7 root Remote File Inclusion Vulnerability ================================================================...

CVE-2007-1695

PHP remote file inclusion vulnerability in includes/usercpregister.php in phpBB 2.0.19 allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter. NOTE: this issue has been disputed by third-party researchers, stating that the file checks for a global constant...

Code injection

Static code injection vulnerability in admin/settings.php in Net Portal Dynamic System NPDS 5.10 and earlier allows remote authenticated users to inject arbitrary PHP code via the xtop parameter in a "ConfigSave" op to admin.php, which can later be accessed via a "Configure" op to admin.php...

Unrestricted file upload

Multiple unrestricted file upload vulnerabilities in w-Agora Web-Agora allow remote attackers to upload and execute arbitrary PHP code 1 via a forum message with an attached file, which is stored under forums/hello/hello/notes/ or 2 by using browseavatar.php to upload a file with a double...

CVE-2007-1604

Multiple unrestricted file upload vulnerabilities in w-Agora Web-Agora allow remote attackers to upload and execute arbitrary PHP code 1 via a forum message with an attached file, which is stored under forums/hello/hello/notes/ or 2 by using browseavatar.php to upload a file with a double...

CVE-2006-7174

PHP remote file inclusion vulnerability in includes/functions.php in the Dimension module of phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter. NOTE: this may be the same issue as CVE-2006-5235...

Code injection

Direct static code injection vulnerability in admin/configuration.php in Guestbara 1.2 and earlier allows remote authenticated users to inject arbitrary PHP code into config.php via the 1 adminmail, 2 emotpatch, 3 login, 4 pass, and unspecified other parameters. NOTE: the provenance of this...

phpStats 0.1.9 - PHP-Stats-options.php Remote Code Execution

phpStats 0.1.9 - PHP-Stats-options.php Remote Code Execution source: https://www.securityfocus.com/bid/23008/info PhpStats is prone to a remote code-execution vulnerability because the application fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary PHP...

Groupit 2.00b5 (c_basepath) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications =============================================================== Groupit 2.00b5 cbasepath Remote File Inclusion Vulnerability ===============================================================...

WebCreator <= 0.2.6-rc3 (moddir) Remote File Inclusion Vulnerability

No description provided by source. \ /\ / | \ | / // / | | \ \ Y / | / / \ /\| /\ / / / / / .OR.ID ECHOADV74$2007 ------------------------------------------------------------------------------------- ECHOADV74$2007 WebCreator = 0.2.6-rc3 moddir Remote File Inclusion Vulnerability...

Groupit 2.00b5 - &#039;c_basepath&#039; Remote File Inclusion

------------------------------------------------------------------------------------- ECHOADV75$2007 Groupit 2.00b5 cbasepath Remote File Inclusion Vulnerability -------------------------------------- ---------------------------------------------- Author : Dedi Dwianto a.k.a theday Date Found :...

Company WebSite Builder PRO 1.9.8 - &#039;INCLUDE_PATH&#039; Remote File Inclusion

\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV76$2007 -------------------------------------------------------------------------------------------- ECHOADV76$2007 Company WebSite Builder PRO INCLUDEPATH Remote File Inclusion Vulnerability...

CVE-2007-1458

Multiple PHP remote file inclusion vulnerabilities in CARE2X 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter to 1 inccheckdatelang.php, 2 inccharsetfx.php, 3 incconfigcolor.php, 4 inccurrencyset.php, 5 incdbmakelink.php, 6 incdiagnosticsreportfx.php, 7...

[ECHO_ADV_71$2007] AMP v3.2 &#40;base_path&#41; Remote File Inclusion Vulnerability

ECHOADV71$2007 --------------------------------------------------------------------------- ECHOADV71$2007 AMP v3.2 basepath Remote File Inclusion Vulnerability --------------------------------------------------------------------------- Author : Dedi Dwianto a.k.a theday Date Found : March, 13th...

Remote file inclusion

PHP remote file inclusion vulnerability in ressourcen/dbopen.php in bitesser MySQL Commander 2.7 and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the home parameter...