6 matches found
Remote file inclusion
PHP remote file inclusion vulnerability in lib/classes/offlnflteam.php in Online Fantasy Football League OFFL 0.2.6 allows remote attackers to execute arbitrary PHP code via a URL in the DOCROOT parameter. NOTE: this issue is disputed by CVE because a FILE test protects offlnflteam.php against...
CVE-2007-5097
PHP remote file inclusion vulnerability in lib/classes/offlnflteam.php in Online Fantasy Football League OFFL 0.2.6 allows remote attackers to execute arbitrary PHP code via a URL in the DOCROOT parameter. NOTE: this issue is disputed by CVE because a FILE test protects offlnflteam.php against...
CVE-2007-4818
Multiple PHP remote file inclusion vulnerabilities in Txx CMS 0.2 allow remote attackers to execute arbitrary PHP code via a URL in the docroot parameter to 1 addons/plugin.php, 2 addons/sidebar.php, 3 mail/index.php, or 4 mail/mailbox.php in modules/...
CVE-2007-4818
CVE-2007-4818 concerns multiple PHP remote file inclusion vulnerabilities in Txx CMS 0.2 . The flaw allows remote attackers to execute arbitrary PHP code by supplying a URL in the doc_root parameter to particular module files: (1) addons/plugin.php, (2) addons/sidebar.php, (3) mail/index.php, and...
TxX CMS doc_root远程文件包含漏洞
TxX CMS是一款基于PHP的WEB应用程序。 TxX CMS不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB权限执行任意PHP代码。 问题是由于脚本对用户提交的'docroot'参数缺少过滤,指定远程服务器上的任意文件作为包含对象,可导致以WEB权限执行任意PHP代码。 txx cms TxX CMS public 0.2a txx cms TxX CMS public 0.2 目前没有详细解决方案提供: https://sourceforge.net/projects/txx/...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in FireFly 1.1.01 allow remote attackers to execute arbitrary PHP code via a URL in the docroot parameter to 1 localize.php or 2 config.php in modules/admin/include/...