1978 matches found
CVE-2006-6879
Unrestricted file upload vulnerability in admin/uploads.php in PHP-Update 2.7 and earlier allows remote authenticated users to upload arbitrary PHP scripts to the gfx/ and files/ directories via the userfile parameter...
CVE-2006-6856
Direct static code injection vulnerability in WebText CMS 0.4.5.2 and earlier allows remote attackers to inject arbitrary PHP code into a script in wt/users/ via the im parameter during a profile edit edycja operation, which is then executed via a direct request for this script...
CVE-2006-6887
Unrestricted file upload vulnerability in logahead UNU 1.0 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors related to plugins/widged/widged.php aka the WidgEd plugin, a different vulnerability than CVE-2006-6783. NOTE: The provenance of this information is...
CVE-2006-6913
Unspecified vulnerability in phpMyFAQ 1.6.7 and earlier allows remote attackers to upload arbitrary PHP scripts via unspecified vectors...
CVE-2003-1314
PHP remote file inclusion vulnerability in admin/auth.php in EternalMart Guestbook EMGB 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the emgbadminpath parameter...
CVE-2006-6738
PHP remote file inclusion vulnerability in statistic.php in cwmCounter 5.1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter...
CVE-2006-6727
PHP remote file inclusion vulnerability in inertianewsclass.php in inertianews 0.02 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENTROOT parameter...
CVE-2006-6694
Directory traversal vulnerability in include/config.php in E-Uploader Pro 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a .. dot dot in the language parameter, as demonstrated by uploading a .JPG file containing PHP code, then accessing the file via config.php...
CVE-2006-6648
PHP remote file inclusion vulnerability in main.inc.php in planetluc.com RateMe 1.3.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pathtoscript parameter...
CVE-2006-6612
PHP remote file inclusion vulnerability in basic.inc.php in PhpMyCms 0.3 allows remote attackers to execute arbitrary PHP code via a URL in the basepathstart parameter...
VerliAdmin <= 0.3 (index.php) Remote File Include Exploit
Exploit for unknown platform in category web applications ========================================================= VerliAdmin = 0.3 index.php Remote File Include Exploit ========================================================= ? / P.S Chcialem serdecznie niepozdrowic wszystkie kurwy takie jak N...
CVE-2006-6591
PHP remote file inclusion vulnerability in fonctions/template.php in EXlor 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the repphp parameter...
CVE-2006-6586
Multiple PHP remote file inclusion vulnerabilities in Vortex Blog vBlog, aka C12 a0.1nonfunc allow remote attackers to execute arbitrary PHP code via a URL in the cfgProgDir parameter in 1 secure.php or 2 checklogin.php in admin/auth/...
CVE-2006-6566
PHP remote file inclusion vulnerability in includes/profilcpconstants.php in the Profile Control Panel CPanel module for mxBB 0.91c allows remote attackers to execute arbitrary PHP code via a URL in the modulerootpath parameter...
CVE-2006-6511
dadaIMC .99.3 uses an insufficiently restrictive FilesMatch directive in the installed .htaccess file, which allows remote attackers to execute arbitrary PHP code by uploading files whose names contain 1 feature, 2 editor, 3 newswire, 4 otherpress, 5 admin, 6 pbook, 7 media, or 8 mod, which are...
CVE-2006-6462
PHP remote file inclusion vulnerability in engine/oldnews.inc.php in CM68 News 12.02.06 allows remote attackers to execute arbitrary PHP code via a URL in the addpath parameter...
CVE-2006-6453
PHP remote file inclusion vulnerability in JOWAMPShowPage.php in J-OWAMP Web Interface 2.1 allows remote authenticated users to execute arbitrary PHP code via a URL in the link parameter...
CVE-2006-6347
Unrestricted file upload vulnerability in TFT-Gallery allows remote authenticated administrators to upload arbitrary .php files, possibly using admin/index.php. NOTE: this can be leveraged with CVE-2006-1412 to create a remote unauthenticated vector...
PHP Live Helper <= 2.0 (abs_path) Remote File Inclusion Vulnerability
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV43$2006 ------------------------------------------------------------------------------ ECHOADV43$2006 PHP Live Helper = 2.0 abspath Remote File Inclusion...
CVE-2006-6224
PHP remote file inclusion vulnerability in the installation scripts in Puntal before 1.8.5 allows remote attackers to execute arbitrary PHP code via the GLOBALS array...