1624 matches found

Packet Storm
added 2006/05/23 12:0 a.m., 38 views

newsletter.txt

I found a bug in artmedic Newsletter 4.1, probably even in newer versions, which lets an attacker run arbitrary php-code and bypass the password protection. The reason for this is a mistake in design. log.php: Usually the log.php is included and $logfile, $logtime and $email are declared in the parent...

7.4 AI score
Exploits: 0
Cvelist
added 2006/05/21 4:0 p.m., 22 views

CVE-2005-1755

PHP remote file inclusion vulnerability in pollvote.php in PHP Poll Creator 1.01 allows remote attackers to execute arbitrary PHP code via the relativerpfad parameter...

7.4 AI score, 0.02469 EPSS
Exploits: 1, References: 5
Prion
added 2006/05/19 5:2 p.m., 13 views

Design/Logic Flaw

The Update functionality in Bitrix Site Manager 4.1.x does not verify the authenticity of downloaded updates, which allows remote attackers to obtain sensitive information and ultimately execute arbitrary PHP code via DNS cache poisoning that redirects the user to a malicious site...

5 CVSS, 7.6 AI score, 0.01911 EPSS
Exploits: 1, References: 6, Affected Software: 1
Prion
added 2006/05/17 10:6 a.m., 12 views

Remote file inclusion

PHP remote file inclusion vulnerability in ezUserManager 1.6 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the ezUserManagerPath parameter to ezusermanagerpwdforgott.php, possibly due to an issue in ezusermanagercore.inc.php...

5.1 CVSS, 8.2 AI score, 0.03284 EPSS
Exploits: 1, References: 7, Affected Software: 1
Prion
added 2006/05/16 1:2 a.m., 15 views

Remote file inclusion

PHP remote file inclusion vulnerability in resources/includes/popp.config.loader.inc.php in PopSoft Digital PopPhoto Studio 3.5.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter cfg'popphotobasepath' variable. NOTE: Pixaria has notified CVE...

5 CVSS, 8 AI score, 0.03583 EPSS
Exploits: 0, References: 9, Affected Software: 1
Cvelist
added 2006/05/12 12:0 a.m., 32 views

CVE-2006-2323

Multiple PHP remote file inclusion vulnerabilities in SmartISoft phpListPro 2.01 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the returnpath parameter in (1) editsite.php, (2) addsite.php, and (3) in.php. NOTE: The config.php vector is already covered by CVE-2006-1749...

7.5 AI score, 0.09847 EPSS
Exploits: 0, References: 10
Prion
added 2006/05/10 2:14 a.m., 23 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 allow remote attackers to execute arbitrary PHP code via a URL in (1) the clarolineRepositorySys parameter in ldap.inc.php and (2) the claroCasLibPath parameter in casProcess.inc.php...

6.8 CVSS, 7.8 AI score, 0.06651 EPSS
Exploits: 1, References: 8, Affected Software: 2
Prion
added 2006/05/02 10:2 a.m., 75 views

Remote file inclusion

PHP remote file inclusion vulnerability in classes/adodbt/sql.php in Limbo CMS 1.04 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the classesdir parameter...

6.4 CVSS, 8 AI score, 0.07921 EPSS
Exploits: 0, References: 7, Affected Software: 1
Prion
added 2006/05/02 10:2 a.m., 14 views

Remote file inclusion

PHP remote file inclusion vulnerability in master.php in OpenPHPNuke 2.3.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter...

7.5 CVSS, 8.1 AI score, 0.03641 EPSS
Exploits: 0, References: 7, Affected Software: 1
NVD
added 2006/05/02 10:2 a.m., 15 views

CVE-2006-2137

PHP remote file inclusion vulnerability in master.php in OpenPHPNuke 2.3.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter...

7.5 CVSS, 7.6 AI score, 0.03641 EPSS
Exploits: 0, References: 7
Prion
added 2006/05/01 11:2 p.m., 16 views

Code injection

Direct static code injection vulnerability in Pro Publish 2.0 allows remote authenticated administrators to execute arbitrary PHP code by editing certain settings, which are stored in setinc.php...

5.5 CVSS, 7.6 AI score, 0.01215 EPSS
Exploits: 0, References: 6, Affected Software: 1
NVD
added 2006/05/01 11:2 p.m., 20 views

CVE-2006-2129

Direct static code injection vulnerability in Pro Publish 2.0 allows remote authenticated administrators to execute arbitrary PHP code by editing certain settings, which are stored in setinc.php...

5.5 CVSS, 7.2 AI score, 0.01215 EPSS
Exploits: 0, References: 6
Cvelist
added 2006/04/26 8:0 p.m., 15 views

CVE-2006-2059

actionpublic/search.php in Invision Power Board (IPB) 2.1.x and 2.0.x before 20060425 allows remote attackers to execute arbitrary PHP code via a search with a crafted value of the lastdate parameter, which alters the behavior of a regular expression to add a "e" (execute) modifier...

7.5 AI score, 0.07853 EPSS
Exploits: 0, References: 11
Prion
added 2006/04/25 12:50 p.m., 12 views

Sql injection

Eval injection vulnerability in index.php in ClanSys 1.1 allows remote attackers to execute arbitrary PHP code via PHP code in the page parameter, as demonstrated by using an "include" statement that is injected into the eval statement. NOTE: this issue has been described as file inclusion by som...

7.5 CVSS, 8.6 AI score, 0.03258 EPSS
Exploits: 1, References: 7, Affected Software: 1
securityvulns
added 2006/04/25 12:0 a.m., 38 views

[SA19749] built2go Movie Review "full_path" File Inclusion Vulnerability

TITLE: built2go Movie Review "full_path" File Inclusion Vulnerability SECUNIA ADVISORY ID: SA19749 VERIFY ADVISORY: http://secunia.com/advisories/19749/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: built2go Movie Review 1.x http://secunia.com/product/9515/...

0.9 AI score
Exploits: 0
Prion
added 2006/04/21 10:2 a.m., 13 views

Directory traversal

Directory traversal vulnerability in main.php in PCPIN Chat 5.0.4 and earlier allows remote authenticated users to include and execute arbitrary PHP code via a ".." (dot dot) in a language cookie, as demonstrated by uploading then accessing a smiliefile image that actually contains PHP code...

5.5 CVSS, 7.6 AI score, 0.01569 EPSS
Exploits: 1, References: 8, Affected Software: 1
NVD
added 2006/04/21 10:2 a.m., 7 views

CVE-2006-1963

Directory traversal vulnerability in main.php in PCPIN Chat 5.0.4 and earlier allows remote authenticated users to include and execute arbitrary PHP code via a ".." (dot dot) in a language cookie, as demonstrated by uploading then accessing a smiliefile image that actually contains PHP code...

5.5 CVSS, 7.1 AI score, 0.01569 EPSS
Exploits: 1, References: 8
NVD
added 2006/04/20 6:6 p.m., 26 views

CVE-2006-1929

PHP remote file inclusion vulnerability in include/common.php in I-Rater Platinum allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter...

5 CVSS, 7.4 AI score, 0.06962 EPSS
Exploits: 0, References: 6
UbuntuCve
added 2006/04/20 10:2 a.m., 36 views

CVE-2006-1895

Direct static code injection vulnerability in includes/template.php in phpBB allows remote authenticated users with write access to execute arbitrary PHP code by modifying a template in a way that (1) bypasses a loose "." regular expression to match BEGIN and END statements in overallheader.tpl, or...

6.5 CVSS, 6 AI score, 0.01388 EPSS
Exploits: 1, References: 1
UbuntuCve
added 2006/04/20 10:2 a.m., 54 views

CVE-2006-1896

Unspecified vulnerability in phpBB allows remote authenticated users with Administration Panel access to execute arbitrary PHP code via crafted Font Colour 3 $themefontcolor3 variable and/or signature values, possibly involving the highlight functionality. NOTE: the original report does not clari...

6 CVSS, 6.3 AI score, 0.01278 EPSS
Exploits: 0, References: 1