CVE-2005-4462

PHP remote file include vulnerability in usermods.php in Tolva PHP website system 0.1.0 allows remote attackers to execute arbitrary code via a URL in the ROOT parameter...

Tolva PHP website system Remote File Include

Script: Tolva PHP website system Version: 0.1.0 Language: PHP Official Website: http://sourceforge.net/projects/twebs Problem: Remote File Include Discovered by: beford Description: ============ A complete collection of php scripts that work tightly together to create a highly customizable, dynam...

CVE-2005-4287

PHP remote file include vulnerability in MarmaraWeb E-commerce allows remote attackers to execute arbitrary code via the page parameter to index.php...

CVE-2005-4287

CVE-2005-4287 affects MarmaraWeb E-commerce. The vulnerability is a PHP remote file include in index.php via the page parameter, enabling remote code execution. The issue stems from insufficient validation of the included file path, leading to arbitrary code execution with the web server. Connect...

EZDatabase 2.1.2 - 'index.php?db_id' SQL Injection

source: https://www.securityfocus.com/bid/15908/info ezDatabase is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. ezDatabase is prone to an SQL injection vulnerability and a local file include...

Limbo CMS 1.0.4.2 - option Traversal Arbitrary File Access

Limbo CMS 1.0.4.2 - option Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/15871/info Limbo CMS is prone to multiple input validation vulnerabilities. These issues can allow attackers to carry out cross-site scripting, SQL injection, and local file include attacks. Limbo...

Limbo CMS 1.0.4.2 - 'option' Traversal Arbitrary File Access

source: https://www.securityfocus.com/bid/15871/info Limbo CMS is prone to multiple input validation vulnerabilities. These issues can allow attackers to carry out cross-site scripting, SQL injection, and local file include attacks. Limbo CMS versions 1.0.4.2 and prior are affected by these...

Limbo CMS 1.0.4.2 - index.php?_SERVER[REMOTE_ADDR] Cross-Site Scripting

Limbo CMS 1.0.4.2 - index.php?SERVERREMOTEADDR Cross-Site Scripting source: https://www.securityfocus.com/bid/15871/info Limbo CMS is prone to multiple input validation vulnerabilities. These issues can allow attackers to carry out cross-site scripting, SQL injection, and local file include...

PHPCOIN 1.2.2 - '/includes/db.php?$_CCFG[_PKG_PATH_DBSE]' Traversal Arbitrary File Access

source: https://www.securityfocus.com/bid/15831/info PhpCOIN is prone to a file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote PHP code and execute it in the context ...

mcGallery PRO vuln.

mcGallery PRO vuln. Vuln. dicovered by : r0t Date: 13 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/mcgallery-pro-vuln.html vendor:http://mcgallerypro.com/ affected version: 2.2 and prior Product Description: A Pro version of mcGallery. Features: Displays photos, videos and Flash...

PHPCOIN 1.2.2 - includesdb.php?$_CCFG[_PKG_PATH_DBSE] Traversal Arbitrary File Access

PHPCOIN 1.2.2 - includesdb.php?$CCFGPKGPATHDBSE Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/15831/info PhpCOIN is prone to a file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploi...

CVE-2005-4132

Unspecified "security leak" vulnerability in Contenido before 4.6.4, when registerglobals is on and allowurlfopen is true, has unspecified impact and attack vectors. NOTE: it is likely that this is a PHP remote file include vulnerability...

CVE-2005-4132

Summary: CVE-2005-4132 affects Contenido prior to version 4.6.4. The vulnerability is described as a PHP remote file inclusion due to improper sanitization when PHP’s register_globals is enabled and allow_url_fopen is true, enabling an attacker to potentially read arbitrary files or execute code ...

CVE-2005-4132

Unspecified "security leak" vulnerability in Contenido before 4.6.4, when registerglobals is on and allowurlfopen is true, has unspecified impact and attack vectors. NOTE: it is likely that this is a PHP remote file include vulnerability...

CVE-2005-4087

PHP remote file include vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management SugarCRM 4.0 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the beanFiles array parameter...

CVE-2005-4087

SugarCRM

CVE-2005-4087

PHP remote file include vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management SugarCRM 4.0 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the beanFiles array parameter...

CF_Nuke v4.6 Multiple vuln.

CFNuke v4.6 Multiple vuln. Vuln. dicovered by : r0t Date: 6 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/cfnuke-v46-multiple-vuln.html vendor:http://www.mycfnuke.com/ affected version:v4.6 and prior Product Description: CFNuke is a free easy-to-setup & easy-to-use open source...

CF_Nuke v4.6 Multiple vuln.

CFNuke v4.6 Multiple vuln. Vuln. dicovered by : r0t Date: 6 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/cfnuke-v46-multiple-vuln.html vendor:http://www.mycfnuke.com/ affected version:v4.6 and prior Product Description: CFNuke is a free easy-to-setup & easy-to-use open source...

CVE-2005-3936

SocketKB 1.1.0 and earlier are affected by a PHP file include vulnerability that allows remote attackers to include arbitrary local files via the __f parameter. The issue is a local file inclusion flaw in PHP, enabling an attacker to read or disclose local files as part of the vulnerability chain...