CVE-2006-6856

Direct static code injection vulnerability in WebText CMS 0.4.5.2 and earlier allows remote attackers to inject arbitrary PHP code into a script in wt/users/ via the im parameter during a profile edit edycja operation, which is then executed via a direct request for this script...

CVE-2006-6887

Unrestricted file upload vulnerability in logahead UNU 1.0 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors related to plugins/widged/widged.php aka the WidgEd plugin, a different vulnerability than CVE-2006-6783. NOTE: The provenance of this information is...

CVE-2003-1314

PHP remote file inclusion vulnerability in admin/auth.php in EternalMart Guestbook EMGB 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the emgbadminpath parameter...

CVE-2006-6738

PHP remote file inclusion vulnerability in statistic.php in cwmCounter 5.1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter...

CVE-2006-6727

PHP remote file inclusion vulnerability in inertianewsclass.php in inertianews 0.02 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENTROOT parameter...

CVE-2006-6694

Directory traversal vulnerability in include/config.php in E-Uploader Pro 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a .. dot dot in the language parameter, as demonstrated by uploading a .JPG file containing PHP code, then accessing the file via config.php...

CVE-2006-6648

PHP remote file inclusion vulnerability in main.inc.php in planetluc.com RateMe 1.3.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pathtoscript parameter...

CVE-2006-6612

PHP remote file inclusion vulnerability in basic.inc.php in PhpMyCms 0.3 allows remote attackers to execute arbitrary PHP code via a URL in the basepathstart parameter...

VerliAdmin <= 0.3 (index.php) Remote File Include Exploit

Exploit for unknown platform in category web applications ========================================================= VerliAdmin = 0.3 index.php Remote File Include Exploit ========================================================= ? / P.S Chcialem serdecznie niepozdrowic wszystkie kurwy takie jak N...

CVE-2006-6591

PHP remote file inclusion vulnerability in fonctions/template.php in EXlor 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the repphp parameter...

CVE-2006-6586

Multiple PHP remote file inclusion vulnerabilities in Vortex Blog vBlog, aka C12 a0.1nonfunc allow remote attackers to execute arbitrary PHP code via a URL in the cfgProgDir parameter in 1 secure.php or 2 checklogin.php in admin/auth/...

CVE-2006-6566

PHP remote file inclusion vulnerability in includes/profilcpconstants.php in the Profile Control Panel CPanel module for mxBB 0.91c allows remote attackers to execute arbitrary PHP code via a URL in the modulerootpath parameter...

CVE-2006-6511

dadaIMC .99.3 uses an insufficiently restrictive FilesMatch directive in the installed .htaccess file, which allows remote attackers to execute arbitrary PHP code by uploading files whose names contain 1 feature, 2 editor, 3 newswire, 4 otherpress, 5 admin, 6 pbook, 7 media, or 8 mod, which are...

CVE-2006-6462

PHP remote file inclusion vulnerability in engine/oldnews.inc.php in CM68 News 12.02.06 allows remote attackers to execute arbitrary PHP code via a URL in the addpath parameter...

CVE-2006-6453

PHP remote file inclusion vulnerability in JOWAMPShowPage.php in J-OWAMP Web Interface 2.1 allows remote authenticated users to execute arbitrary PHP code via a URL in the link parameter...

PHP Live Helper &lt;= 2.0 (abs_path) Remote File Inclusion Vulnerability

No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV43$2006 ------------------------------------------------------------------------------ ECHOADV43$2006 PHP Live Helper = 2.0 abspath Remote File Inclusion...

CVE-2006-6224

PHP remote file inclusion vulnerability in the installation scripts in Puntal before 1.8.5 allows remote attackers to execute arbitrary PHP code via the GLOBALS array...

kronolith -- arbitrary local file inclusion vulnerability

iDefense Labs reports: Remote exploitation of a design error in Horde's Kronolith could allow an authenticated web mail user to execute arbitrary PHP code under the security context of the running web server. The vulnerability specifically exists due to a design error in the way it includes certa...

Echo Security Advisory 2006.61

------------------------------------------------------------------------------ ECHOADV61$2006 a-ConMan = v3.2beta Remote File Inclusion ------------------------------------------------------------------------------ Author : Ahmad Maulana a.k.a Matdhule Date Found : November, 22nd 2006 Location :...

CVE-2006-6086

PHP remote file inclusion vulnerability in src/arkinc.php in e-Ark 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the cfgpearpath parameter...