EUVD-2025-31491

Malicious code in bioql PyPI...

CVE-2025-11138 mirweiye wenkucms common.php createPathOne os command injection

A vulnerability was found in mirweiye wenkucms up to 3.4. This impacts the function createPathOne of the file app/common/common.php. The manipulation results in os command injection. The attack may be launched remotely. The exploit has been made public and could be used...

CVE-2025-50722

Insecure Permissions vulnerability in sparkshop v.1.1.7 allows a remote attacker to execute arbitrary code via the Common.php component...

PT-2025-33082 · Traq · Traq

Name of the Vulnerable Software and Affected Versions: Traq versions 2.0 through 2.3 Description: Traq versions 2.0 through 2.3 contain a remote code execution issue in the admincp/common.php script. The flawed authorization logic does not halt execution after a failed access check, allowing...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS via the getSystemTable and Delete methods in the common.php file. An attacker can disrupt service availability by exploiting this logic flaw to delete critical commands. Details Denial of Service DoS describes a...

SUSE CVE-2006-2871

PHP remote file inclusion vulnerability in include/common.php in CyBoards PHP Lite 1.25 allows remote attackers to execute arbitrary PHP code via a URL in the scriptpath parameter. NOTE: CVE disputes this issue, since $scriptpath is set to a constant value...

UBUNTU-CVE-2015-8994

An issue was discovered in PHP 5.x and 7.x, when the configuration uses apache2handler/modphp or php-fpm with OpCache enabled. With 5.x after 5.6.28 or 7.x after 7.0.13, the issue is resolved in a non-default configuration with the opcache.validatepermission=1 setting. The vulnerability details a...

RHEL 5 / 6 : php (RHSA-2012:0546)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:0546 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the php-cgi executable processe...

PT-2007-2850 · Php · Php Photo Album

Name of the Vulnerable Software and Affected Versions: PHP Photo Album versions prior to 0.3.2.6 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the db file parameter in the common.php file. It is noted that versions 0.3.2.6 and 0.4.1beta do not contain...

PT-2006-6801 · Active Php · Active Php Bookmarks

Name of the Vulnerable Software and Affected Versions: Active PHP Bookmarks version 1.1.02 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the APB SETTINGS'apb path' parameter in 1 apb common.php or 2 apb.php. However, it is noted that the PHP scripts exi...

PHPNuke-Clan 3.0.1 - 'vwar_root2' Remote File Inclusion

!/usr/bin/perl PHPNuke-Clan 3.0.1 Remote File Inclusion Exploit Bug Found By uid0 code by zod c 2006 ExploiterCode.com usage: perl pnc.pl perl pnc.pl http://site.com/PNC/ http://site.com/cmd.txt cmd cmd shell example: cmd shell variable: $GETcmd; hai to: nex, kutmaster, spic, cijfer ;P, ReZeN,...