3 matches found
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Advanced Guestbook 2.4.2 allow remote attackers to execute arbitrary PHP code via a URL in the includepath parameter to 1 index.php, 2 addentry.php, or 3 picture.php, a different set of vectors than CVE-2006-5804. NOTE: this issue has been...
CVE-2007-0530
CVE-2007-0530 covers multiple PHP remote file inclusion in Advanced Guestbook 2.4.2 via the include_path parameter used by index.php, addentry.php, or picture.php. The issue, similar to CVE-2006-5804, is that an attacker could cause PHP code execution by supplying a URL to include_path. Several c...
CVE-2006-5804
CVE-2006-5804 is a PHP remote file inclusion vulnerability in Advanced Guestbook 2.3.1 (admin.php) that allows an attacker to execute arbitrary PHP code via a URL supplied to the include_path parameter. The PT-2006-6481 entry for the same product version 2.3.1 corroborates this vector, detailing ...