14 matches found
EUVD-2007-1387
Malware in sbrugna...
EUVD-2006-4224
Malware in sbrugna...
CVE-2015-4726
PHP remote file inclusion vulnerability in ajax/myajaxphp.php in AudioShare 2.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the config'basedir' parameter...
Dotproject 2.0 /modules/tasks/gantt.php baseDir Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/16648/info Dotproject is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to includ...
Dotproject 2.0 /modules/public/calendar.php baseDir Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/16648/info Dotproject is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to includ...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Broadcast Machine 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to 1 MySQLController.php, 2 SQLController.php, 3 SetupController.php, 4 VideoController.php, and 5 ViewController.php in controllers/...
CVE-2008-6287
Broadcast Machine 0.1 is vulnerable to multiple PHP remote file inclusion (RFI) flaws in controllers/. The baseDir parameter in (1) MySQLController.php, (2) SQLController.php, (3) SetupController.php, (4) VideoController.php, and (5) ViewController.php can be abused to execute arbitrary PHP code ...
broadcast-rfi.txt
================================================================================================================= o Broadcast Machine 0.1 Multiple Remote File Inclusion Vulnerability Software : Broadcast Machine version 0.1 Vendor : http://code.google.com/p/broadcastmachine/ View Source :...
Cross site scripting
Cross-site scripting XSS vulnerability in phpstats.php in Michael Wagner phpstats 0.1 alpha allows remote attackers to inject arbitrary web script or HTML via the baseDir parameter...
CVE-2008-0125
Cross-site scripting XSS vulnerability in phpstats.php in Michael Wagner phpstats 0.1 alpha allows remote attackers to inject arbitrary web script or HTML via the baseDir parameter...
CVE-2007-5175
CVE-2007-5175 : PHP remote file inclusion in actSite 1.991 Beta (lib/base.php) allows an attacker to execute arbitrary PHP code via a URL in the BaseCfg[BaseDir] parameter. Root cause: unsafely using a user-controlled file path in an include operation. Impact: remote code execution on the affecte...
CVE-2006-5893
Multiple PHP remote file inclusion vulnerabilities in iWonder Designs Storystream 0.4.0.0 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to 1 mysql.php and 2 mysqli.php in include/classes/pear/DB/...
CVE-2006-4944
PHP remote file inclusion vulnerability in includes/pear/Net/DNS/RR.php in ProgSys 0.151 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpdnsbasedir parameter...
PT-2006-1804 · Dotproject · Dotproject
Name of the Vulnerable Software and Affected Versions: dotProject versions 2.0.1 and earlier Description: The issue allows remote attackers to execute arbitrary commands via the baseDir parameter in several PHP files, including db adodb.php, db connect.php, session.php, vw usr roles.php,...