Shopweezle 2.0 multiple vuln.

Shopweezle 2.0 multiple vuln. Vuln. discovered by : r0t Date: 9 april 2006 vendor:http://shopweezle.de/ affected versions: ShopWeezle PERSONAL ShopWeezle PROFESSIONAL ShopWeezle PROFESSIONAL+ orginal advisory: http://pridels.blogspot.com/2006/04/shopweezle-20-multiple-vuln.html Vuln. description:...

CVE-2005-4748

Technical details about CVE-2005-4748 are not publicly provided in the supplied documents; no concrete vulnerabilities, affected versions, or fixes are described. Monitor for updates.

MediaSlash Gallery - 'index.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/17323/info MediaSlash Gallery is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing...

Code injection

TWiki 4.0, 4.0.1, and 20010901 through 20040904 allows remote authenticated users with edit rights to cause a denial of service infinite recursion leading to CPU and memory consumption via INCLUDE by URL statements that form a loop, such as a page that includes itself...

CVE-2006-1387

CVE-2006-1387 affects TWiki 4.0, 4.0.1, and 20010901 through 20040904. The vulnerability allows remote authenticated users with edit rights to cause a denial of service via INCLUDE by URL statements that form a loop (e.g., a page including itself), triggering infinite recursion and consuming CPU ...

Help Center Live module.php local file include flaw

The remote web server contains a PHP script that is affected by a local file file include vulnerability. Description : The remote host is running Help Center Live, a help desk tool written in PHP. The remote version of Help Center Live fails to sanitize input to the SPDX-FileCopyrightText: 2005...

CuteNews <= 1.4.1 (function.php) Local File Include Exploit

No description provided by source. ?php // Happy NEW Iranian year . // Happy Norouz PERSIAN celebration // CuteNews 1.4.1 CutePHP.com Hash password Finder // by Hamid Ebadi // http://hamid.ir // Bug Discovered and Exploited by Hamid Ebadi .: Hamid Network Security Team :. // run it from your...

VihorDesign - 'index.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/17227/info VihorDesign is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious...

CVE-2006-1350

The CVE-2006-1350 entry is supported by multiple connected sources detailing a remote file include (RFI) flaw in Free Articles Directory (a PHP CMS). The vulnerability occurs because index.php fails to sanitize the page parameter, allowing an unauthenticated attacker to include and execute arbitr...

CVE-2006-1350

PHP remote file include vulnerability in index.php in 99Articles.com aka ArticlesOne.com Free articles directory allows remote attackers to include and execute arbitrary PHP code via a URL in the page parameter...

CVE-2006-1294

PHP remote file include vulnerability in PageController.php in KnowledgebasePublisher 1.2 allows remote attackers to include and execute arbitrary PHP code via a URL in the dir parameter...

CVE-2006-1294

CVE-2006-1294 describes a PHP remote file inclusion in KnowledgebasePublisher 1.2, where the dir parameter in PageController.php can be supplied by an attacker to include and execute arbitrary PHP code. The query/condition relies on unsafely handling a URL input, enabling remote code execution wi...

CVE-2006-1294

PHP remote file include vulnerability in PageController.php in KnowledgebasePublisher 1.2 allows remote attackers to include and execute arbitrary PHP code via a URL in the dir parameter...

Code injection

Direct static code injection vulnerability in addlink.txt in daverave Link Bank allows remote attackers to execute arbitrary PHP code via the urlname parameter, which is not sanitized before being stored in links.txt, which is later used in an include statement...

Remote file inclusion

PHP remote file include vulnerability in common.php in txtForum 1.0.4-dev and earlier allows remote attackers to include and execute arbitrary PHP code via a URL in the skin parameter to login.php, and possibly other parameters to other PHP scripts, related to include statements in common.php...

CVE-2006-1203

PHP remote file include vulnerability in common.php in txtForum 1.0.4-dev and earlier allows remote attackers to include and execute arbitrary PHP code via a URL in the skin parameter to login.php, and possibly other parameters to other PHP scripts, related to include statements in common.php...

CVE-2006-1212

Unspecified vulnerability in index.php in Core CoreNews 2.0.1 allows remote attackers to execute arbitrary commands via the page parameter, possibly due to a PHP remote file include vulnerability. NOTE: this vulnerability could not be confirmed by source code inspection of CoreNews 2.0.1, which...

CVE-2006-1200

Direct static code injection vulnerability in addlink.txt in daverave Link Bank allows remote attackers to execute arbitrary PHP code via the urlname parameter, which is not sanitized before being stored in links.txt, which is later used in an include statement...

CVE-2006-1203

The CVE-2006-1203 entry concerns a PHP remote file include vulnerability in txtForum 1.0.4-dev and earlier. The issue allows an attacker to cause arbitrary PHP code execution via a URL passed to the skin parameter of login.php (and possibly other parameters) due to include statements in common.ph...

CVE-2006-1203

PHP remote file include vulnerability in common.php in txtForum 1.0.4-dev and earlier allows remote attackers to include and execute arbitrary PHP code via a URL in the skin parameter to login.php, and possibly other parameters to other PHP scripts, related to include statements in common.php...