4 matches found
EUVD-2007-5574
Malware in sbrugna...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in awrate 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the toroot parameter to 1 404.php or 2 topbar.php, different vectors than CVE-2006-6368...
CVE-2007-5599
CVE-2007-5599 affects awrate 1.0 with multiple PHP remote file inclusion (RFI) vulnerabilities. The issue allows remote attackers to execute arbitrary PHP code by supplying a URL in the toroot parameter used by (1) 404.php or (2) topbar.php, representing vectors distinct from CVE-2006-6368. The r...
CVE-2006-6368
CVE-2006-6368 is a PHP remote file inclusion vulnerability affecting awrate 1.0. The initial description states that an attacker can trigger arbitrary PHP code execution by supplying a URL in the toroot parameter to login.php.inc/search.php. The connected documents also describe similar remote fi...