CVE-2006-5223

PHP remote file inclusion vulnerability in includes/functionsuserviewedposts.php in the Nivisec User Viewed Posts Tracker module 1.0 and earlier for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

CVE-2006-5181

Multiple PHP remote file inclusion vulnerabilities in Joshua Muheim phpMyWebmin 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the target parameter in 1 changepreferences2.php, 2 createfile.php, 3 uploadlocal.php, and 4 uploadmulti.php, different vectors than CVE-2006-5124...

CVE-2006-5209

PHP remote file inclusion vulnerability in admin/admintopicactionlogging.php in Admin Topic Action Logging Mod 0.95 and earlier, as used in phpBB 2.0 up to 2.0.21, allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

OpenDock Easy Gallery <= 1.4 (doc_directory) File Include Vulnerabilities

No description provided by source. ECHOADV52$2006 ----------------------------------------------------------------------------------------------- ECHOADV52$2006OpenDock Easy Gallery =1.4 docdirectory Multiple Remote File Inclusion Vulnerability...

OpenDock Easy Doc <=1.4 (doc_directory) File Include Vulnerabilities

No description provided by source. ECHOADV49$2006 ----------------------------------------------------------------------------------------------- ECHOADV49$2006OpenDock Easy Doc =1.4 docdirectory Multiple Remote File Inclusion Vulnerability...

OpenDock Easy Blog <=1.4 (doc_directory) File Include Vulnerabilities

Exploit for unknown platform in category web applications ===================================================================== OpenDock Easy Blog =1.4 docdirectory File Include Vulnerabilities ===================================================================== ECHOADV50$2006...

vtiger -- multiple remote file inclusion vulnerabilities

Dedi Dwianto a.k.a theday reports: Input passed to the "$calpath" parameter in update.php is not properly verified before being used. This can be exploited to execute arbitrary PHP code by including files from local or external resources...

FreeBSD : phpbb -- NULL byte injection vulnerability (86526ba4-53c8-11db-8f1a-000a48049292)

Secunia reports : ShAnKaR has discovered a vulnerability in phpBB, which can be exploited by malicious users to compromise a vulnerable system. Input passed to the 'avatarpath' parameter in admin/adminboard.php is not properly sanitised before being used as a configuration variable to store avata...

CVE-2006-5126

PHP remote file inclusion vulnerability in index.php in John Himmelman aka DaRk2k1 PowerPortal 1.3a allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter...

CVE-2006-5093

PHP remote file inclusion vulnerability in index.php in Tagmin Control Center in TagIt! Tagboard 2.1.B Build 2 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter...

CVE-2006-5095

PHP remote file inclusion vulnerability in index.php in MyPhotos 0.1.3b beta allows remote attackers to execute arbitrary PHP code via the includesdir parameter. NOTE: this issue is disputed by CVE on 20060927, since the includesdir is defined before being used when the product is installed...

CVE-2006-5077

PHP remote file inclusion vulnerability in admin/admintopicactionlogging.php in Chris Smith Minerva Build 238 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

CVE-2006-5085

Static code injection vulnerability in config.php in Blog Pixel Motion 2.1.1 allows remote attackers to execute arbitrary PHP code via the nomblog parameter, which is injected into include/variables.php...

CVE-2006-5021

Multiple PHP remote file inclusion vulnerabilities in redgun RedBLoG 0.5 allow remote attackers to execute arbitrary PHP code via a URL in 1 the root parameter in imgen.php, and the rootpath parameter in 2 admin/config.php, 3 common.php, and 4 admin/index.php. NOTE: the provenance of this...

CVE-2006-4946

PHP remote file inclusion vulnerability in include/startup.inc.php in CMSDevelopment Business Card Web Builder BCWB 0.99, and possibly 2.5 Beta and earlier, allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter...

phpQuestionnaire 3.12 (phpQRootDir) Remote File Include Vulnerability

Exploit for unknown platform in category web applications ===================================================================== phpQuestionnaire 3.12 phpQRootDir Remote File Include Vulnerability ===================================================================== SolpotCrew Community...

CVE-2006-4826

PHP remote file inclusion vulnerability in bottom.php in Shadowed Portal 5.599 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter...

Limbo CMS &lt;= 1.0.4.2L (com_contact) Remote Code Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? printr' ----------------------------------------------------------------------------- Limbo = 1.0.4.2L "comcontact" remote commands execution exploit by rgod [email protected] site: http://retrogod.altervista.org dorks:...

CVE-2006-4437

The provided documents confirm CVE-2006-4437 in Tagger LE: an eval() injection vulnerability that allows remote attackers to execute arbitrary PHP code via crafted query string parameters in tags.php, sign.php, and admin/index.php. The root cause is unsanitised input being used directly inside an...

CVE-2006-4780

PHP remote file inclusion vulnerability in includes/functions.php in phpBB XS 0.58 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...