Lucene search
+L

51 matches found

Cvelist
Cvelist
added 2006/08/11 1:0 a.m.28 views

CVE-2006-4077

PHP remote file inclusion vulnerability in CheckUpload.php in Vincenzo Valvano Comet WebFileManager CWFM 0.9.1, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the Language parameter...

7.6AI score0.03184EPSS
Exploits1References6
NVD
NVD
added 2006/08/05 12:4 a.m.22 views

CVE-2006-3984

PHP remote file inclusion vulnerability in phpAdsNew/view.inc.php in Albasoftware Phpauction 2.1 and possibly later versions, with phpAdsNew 2.0.5, allows remote attackers to execute arbitrary PHP code via a URL in the phpAdspath parameter...

7.5CVSS7.5AI score0.03188EPSS
Exploits1References6
Cvelist
Cvelist
added 2006/08/05 12:0 a.m.21 views

CVE-2006-3982

PHP remote file inclusion vulnerability in quickie.php in Knusperleicht Quickie, probably 0.2, allows remote attackers to execute arbitrary PHP code via a URL in the QUICKPATH parameter...

7.5AI score0.0255EPSS
Exploits1References4
CVE
CVE
added 2006/06/02 10:0 a.m.48 views

CVE-2006-2768

METAjour 2.1 contains a PHP remote file inclusion vulnerability exploitable when register_globals is enabled. An attacker can execute arbitrary PHP code via (1) the system_path parameter in files under app/edocument/, app/eproject/, app/erek/, and extension/ directories, and (2) the GLOBALS[syste...

5.1CVSS7.6AI score0.06745EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2006/05/24 11:0 p.m.32 views

CVE-2006-2570

PHP remote file inclusion vulnerability in CaLogic Calendars 1.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS"CLPath" parameter to 1 reconfig.php and 2 srxclr.php. NOTE: this might be due to a globals overwrite issue...

7.5AI score0.02537EPSS
Exploits1References3
NVD
NVD
added 2006/04/20 6:6 p.m.28 views

CVE-2006-1929

PHP remote file inclusion vulnerability in include/common.php in I-Rater Platinum allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter...

5CVSS7.4AI score0.06962EPSS
Exploits0References6
Cvelist
Cvelist
added 2006/03/09 11:0 a.m.25 views

CVE-2006-1099

PHP remote file include vulnerability in logIT 1.3 and 1.4 allows remote attackers to execute arbitrary PHP code via a URL in the pg parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

7.3AI score0.02256EPSS
Exploits1References1
NVD
NVD
added 2006/03/01 2:2 a.m.39 views

CVE-2006-0940

Multiple direct static code injection vulnerabilities in savesettings.php in ShoutLIVE 1.1.0 allow remote attackers to execute arbitrary PHP code via variables that are written to settings.php...

7.5CVSS7.9AI score0.03268EPSS
Exploits1References8
NVD
NVD
added 2006/01/04 1:3 a.m.23 views

CVE-2006-0076

PHP remote file include vulnerability in forum.php in oaBoard 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the inc parameter...

7.5CVSS7.4AI score0.03076EPSS
Exploits1References6
NVD
NVD
added 2005/10/26 1:2 a.m.16 views

CVE-2005-3304

Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote attackers to modify SQL queries and execute arbitrary PHP code via 1 the username parameter in the Your Account page, 2 the url parameter in the Downloads module, and 3 the description parameter in the WebLinks module...

7.5CVSS8.4AI score0.05627EPSS
Exploits1References9
CVE
CVE
added 2005/08/16 4:0 a.m.50 views

CVE-2005-2567

CVE-2005-2567 affects SysCP 1.2.10 and earlier. The vulnerability is a PHP remote file inclusion via the language parameter, enabling an attacker to execute arbitrary PHP code on the server. The issue is documented in the CVE entry and corroborated by related advisories; no explicit exploit detai...

7.5CVSS7.7AI score0.01528EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder