66 matches found
CVE-2003-1459
Multiple PHP remote file inclusion vulnerabilities in ttCMS 2.2 and ttForum allow remote attackers to execute arbitrary PHP code via the 1 template parameter in News.php or 2 installdir parameter in install.php...
Ultimate PHP Board 1.9 - admin_iplog.php Arbitrary PHP Execution
Ultimate PHP Board 1.9 - adminiplog.php Arbitrary PHP Execution source: https://www.securityfocus.com/bid/7678/info A vulnerability has been reported in Ultimate PHP Board. The problem is said to occur due to insufficient sanitization of user-supplied input before including log data into a PHP...
Ultimate PHP Board 1.9 - 'admin_iplog.php' Arbitrary PHP Execution
source: https://www.securityfocus.com/bid/7678/info A vulnerability has been reported in Ultimate PHP Board. The problem is said to occur due to insufficient sanitization of user-supplied input before including log data into a PHP file. As a result, it may be possible for a remote attacker to...
Coppermine Photo Gallery 1.0 - PHP Code Injection
Coppermine Photo Gallery 1.0 - PHP Code Injection source: https://www.securityfocus.com/bid/7300/info Coppermine Photo Gallery has been reported prone to PHP code injection attacks. Due to a lack of sufficient sanitization performed on user-supplied filenames that are uploaded into the Photo...
phpBB does not adequately validate user input for language selection thereby allowing user to execute arbitrary php code
Overview phpBB is an open-source bulletin board program. A user input validation problem exists with regard to language settings. An intruder can excute arbitrary php code and gain a shell with the privileges of the web server on the system. Description Version 1.4.0 and earlier have a user input...
Critical - Arbitrary PHP code execution
More info at https://www.drupal.org/sa-core-2019-002...