Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in ELSEIF CMS Beta 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the 1 contenus parameter to a contenus.php; the 2 tpelseifportalrepertoire parameter to b votes.php, c espaceperso.php, d enregistrement.php, e...

CVE-2007-5304

Multiple cross-site scripting XSS vulnerabilities in ELSEIF CMS Beta 0.6 allow remote attackers to inject arbitrary web script or HTML via the 1 repertimage parameter to utilisateurs/vousetesbannis.php, the 2 elseifvotetxtresultatduvote parameter to utilisateurs/votesresultats.php, and the 3...

CVE-2007-5306

ELSEIF CMS Beta 0.6 allows remote attackers to obtain sensitive information full path via unspecified vectors to utilisateurs/votesresultats.php...

CVE-2007-5305

ELSEIF CMS Beta 0.6 has multiple PHP remote file inclusion vulnerabilities (CVE-2007-5305). An attacker can trigger arbitrary PHP code execution by supplying a URL in specific parameters: the contenus parameter to contenus.php; the tpelseifportalrepertoire parameter to votes.php, espaceperso.php,...

CVE-2007-5307

Technical details about CVE-2007-5307 are not publicly available in the provided connected documents. Please monitor for updates on affected software, impact and remediation.

CVE-2007-5304

CVE-2007-5304 affects ELSEIF CMS Beta 0.6. The vulnerability is multiple cross-site scripting (XSS) weaknesses that allow remote attackers to inject arbitrary web script or HTML via three parameters in PHP scripts: repertimage (utilisateurs/vousetesbannis.php), elseifvotetxtresultatduvote (utilis...

CVE-2007-5305

Multiple PHP remote file inclusion vulnerabilities in ELSEIF CMS Beta 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the 1 contenus parameter to a contenus.php; the 2 tpelseifportalrepertoire parameter to b votes.php, c espaceperso.php, d enregistrement.php, e...