Remote file inclusion

PHP remote file inclusion vulnerability in admin/plugins/OnlineUsers/main.php in PageTree CMS 0.0.2 BETA 0001 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSPTConfigdirdata parameter...

CVE-2008-7073

PHP remote file inclusion vulnerability in lib/action/rss.php in RSS module 0.1 for Pie Web Ma,esher, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the lib parameter...

CVE-2009-2852

WP-Syntax plugin 0.9.1 and earlier for Wordpress, with registerglobals enabled, allows remote attackers to execute arbitrary PHP code via the testfilterwphead array parameter to test/index.php, which is used in a call to the calluserfuncarray function...

BaBB 2.8 Code Injection

!usr/bin/python BaBB 2.8 Full Code Injection Exploit AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : http://IrCrash.com My Official WebSite : http://R3dW0rm.ir IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina Yazdanmehr Download :...

Code injection

Static code injection vulnerability in admin/admin.php in mxCamArchive 2.2 allows remote authenticated administrators to inject arbitrary PHP code into an unspecified program via the description parameter, which is executed by invocation of index.php. NOTE: some of these details are obtained from...

CVE-2008-6956

CVE-2008-6956 affects mxCamArchive 2.2 in the admin/admin.php component. It is a static code injection vulnerability that allows remote authenticated administrators to inject arbitrary PHP code into an unspecified program via the description parameter, with execution triggered by index.php. The C...

CVE-2009-2634

PHP remote file inclusion vulnerability in toolbarext.php in the MediaLibrary commedialibrary component 1.5.3 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

CVE-2009-2635

PHP remote file inclusion vulnerability in toolbarext.php in the RealEstateManager comrealestatemanager component 1.0 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

TikiWiki jhot Remote Command Execution

TikiWiki contains a flaw that may allow a malicious user to execute arbitrary PHP code. The issue is triggered due to the jhot.php script not correctly verifying uploaded files. It is possible that the flaw may allow arbitrary PHP code execution by uploading a malicious PHP script resulting in a...

DM FileManager <= 3.9.4 RFI Vulnerability - Active Check

DM FileManager is prone to a remote file inclusion RFI vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2009-2399

PHP remote file inclusion vulnerability in dm-albums/template/album.php in DM FileManager 3.9.4, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the SECURITYFILE parameter...

V-webmail Multiple PHP Remote File Inclusion Vulnerability

The host is running V-webmail and is prone to Multiple PHP Remote File Inclusion vulnerability. OpenVAS Vulnerability Test $Id: gbv-webmailmultfileincvuln.nasl 4906 2017-01-02 13:06:55Z teissa $ V-webmail Multiple PHP Remote File Inclusion Vulnerability Authors: Sharath S Copyright: Copyright c...

Remote file inclusion

PHP remote file inclusion vulnerability in firestats-wordpress.php in the FireStats plugin before 1.6.2-stable for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the fsjavascript parameter...

Code injection

Static code injection vulnerability in addreg.php in DB Top Sites 1.0 allows remote attackers to inject arbitrary PHP code via a crafted 1 url and 2 location parameter...

CVE-2009-2111

Static code injection vulnerability in addreg.php in DB Top Sites 1.0 allows remote attackers to inject arbitrary PHP code via a crafted 1 url and 2 location parameter...

eliteCMS Multiple Vulnerabilities

eliteCMS is prone to a vulnerability that lets attackers upload and execute arbitrary PHP code. The application is also prone to a cross-site scripting issue and to a SQL Injection Vulnerability. These issues occur because the application fails to sufficiently sanitize user-supplied input...

CVE-2009-1946

PHP remote file inclusion vulnerability in latestposts.php in AdaptBB 1.0, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the forumspath parameter...

CVE-2009-1946

PHP remote file inclusion vulnerability in latestposts.php in AdaptBB 1.0, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the forumspath parameter...

Code injection

Static code injection vulnerability in admin.php in Frax.dk Php Recommend 1.3 and earlier allows remote attackers to inject arbitrary PHP code into phpreconfig.php via the formaula parameter...

Code injection

Multiple static code injection vulnerabilities in the saveFeed function in rss/feedcreator.class.php in Bitweaver 2.6 and earlier allow 1 remote authenticated users to inject arbitrary PHP code into files by placing PHP sequences into the account's "display name" setting and then invoking...