1981 matches found
Horde <= 3.0.9 3.1.0 (Help Viewer) Remote Code Execution (metasploit)
No description provided by source. Title: Horde = 3.0.9, 3.1.0 Help Viewer Remote PHP Code Execution Vulnerability Name: hordehelpmodule.pm License: Artistic/BSD/GPL Info: Trying to get the command execution exploits out of the way on milw0rm.com. M's are always good. - This is an exploit module...
PHP 4.x - 'tempnam() open_basedir' Restriction Bypass
source: https://www.securityfocus.com/bid/17439/info PHP is prone to multiple 'safemode' and 'openbasedir' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to access sensitive information or to write files in unauthorized locations. These vulnerabilities would be an...
CVE-2006-1668
newimage.php in Eric Gerdes Crafty Syntax Image Gallery CSIG aka PHP thumbnail Photo Gallery 3.1g and earlier allows remote authenticated users to upload and execute arbitrary PHP code via a multipart/form-data POST with a .jpg filename in the fullimage parameter and the ext parameter set to .php...
CVE-2006-1668
newimage.php in Eric Gerdes Crafty Syntax Image Gallery CSIG aka PHP thumbnail Photo Gallery 3.1g and earlier allows remote authenticated users to upload and execute arbitrary PHP code via a multipart/form-data POST with a .jpg filename in the fullimage parameter and the ext parameter set to .php...
CVE-2006-1623
Unspecified vulnerability in main.php in an unspecified "file created by Andries Bruinsma," possibly a FleXiBle Development FXB application, allows remote attackers to include and execute arbitrary PHP code. NOTE: this disclosure is extremely vague and has very little information about the specif...
Information disclosure
Unspecified vulnerability in main.php in an unspecified "file created by Andries Bruinsma," possibly a FleXiBle Development FXB application, allows remote attackers to include and execute arbitrary PHP code. NOTE: this disclosure is extremely vague and has very little information about the specif...
Remote file inclusion
PHP remote file inclusion vulnerability in lib/armygame.php in SQuery 4.5 and earlier, as used in products such as Autonomous LAN party ALP, allows remote attackers to execute arbitrary PHP code via a URL in the libpath parameter. NOTE: this only occurs when registerglobals is disabled...
CVE-2006-1576
Direct static code injection vulnerability in QLnews 1.2 allows remote authenticated administrators to execute arbitrary PHP code by modifying config.php...
PHP Live Helper Multiple Remote File Inclusions
The remote host is running PHP Help Live, a commercial web-based real-time help tool written using PHP and MySQL. The version of PHP Help Live installed on the remote host fails to sanitize input to the 'abspath' parameter before using it in various scripts to include files with PHP code. An...
Limbo CMS Multiple Vulnerabilities
The remote web server contains a PHP application that is affected by numerous vulnerabilities. Description : The remote host is running Limbo CMS, a content-management system written in PHP. The remote version of this software is vulnerable to several flaws including : - If registerglobals is off...
4Images <= 1.7.1 Directory Traversal Vulnerability
The remote web server is running 4Images which is prone to directory traversal attacks. SPDX-FileCopyrightText: 2006 Ferdy Riphagen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Design/Logic Flaw
Laurentiu Matei eXpandable Home Page XHP CMS 0.5 and earlier allows remote authenticated users to use the HTMLArea FileManager plugin to upload and execute arbitrary PHP files using 1 manager.php, 2 standalonemanager.php, and 3 images.php...
CVE-2006-1371
Laurentiu Matei eXpandable Home Page XHP CMS 0.5 and earlier allows remote authenticated users to use the HTMLArea FileManager plugin to upload and execute arbitrary PHP files using 1 manager.php, 2 standalonemanager.php, and 3 images.php...
CVE-2006-1363
images.php in Justin White aka YTZ Free Web Publishing System FreeWPS 2.11 allows remote attackers to execute arbitrary PHP code by uploading a .php file into the /upload directory as specified in the dirPath parameter, then performing a direct request to that file...
CVE-2006-1294
PHP remote file include vulnerability in PageController.php in KnowledgebasePublisher 1.2 allows remote attackers to include and execute arbitrary PHP code via a URL in the dir parameter...
Authentication flaw
publish.ical.php in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier does not require authentication for write access to the calendars directory, which allows remote attackers to upload and execute arbitrary PHP scripts via a WebDAV PUT request with a filename containing a .php extension and...
CVE-2006-1252
CVE-2006-1252 affects Light Weight Calendar (LWC) 1.0, where an eval injection in cal.php allows remote attackers to execute arbitrary PHP code via the date parameter to index.php. This is a remote code execution vulnerability with CVSSv2 base score 7.5 (HIGH) and network attack vector with no au...
CVE-2006-1219
Directory traversal vulnerability in Gallery 2.0.3 and earlier, and 2.1 before RC-2a, allows remote attackers to include arbitrary PHP files via ".." dot dot sequences in the stepOrder parameter to 1 upgrade/index.php or 2 install/index.php...
CVE-2006-1219
Vulnerability summary (CVE-2006-1219) : A directory traversal / local file inclusion flaw affects Gallery 2.0.3 and earlier, and 2.1 before RC-2a. The issue allows an attacker to cause the application to include arbitrary PHP files via dot-dot sequences in the stepOrder parameter sent to (1) upgr...
Directory traversal
Sergey Korostel PHP Upload Center allows remote attackers to execute arbitrary PHP code by uploading a file whose name ends in a .php.li extension, which can be accessed from the upload directory...