727 matches found
CVE-2008-6251
PHP remote file inclusion vulnerability in includes/init.php in phpFan 3.3.4 allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in SnippetMaster 2.2.2, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the 1 SESSIONSCRIPTPATH parameter to includes/vars.inc.php and the 2 gpcltarlibdir parameter to...
Directory traversal
Multiple directory traversal vulnerabilities in AJA Portal 1.2 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the currentlang parameter to admin/case.php in the 1 ContactPlus and 2 Reviews modules, and 3 the modulename parameter to...
SCMS v1 (index.php p) Local File Inclusion Vulnerability
No description provided by source. --:local file include:-- --------------------------------- script:simple content management system v 1 ------------------------------------------------------- download from:http://futurekast.com/fcms/php/SCMSv1.zip...
CVE-2008-5789
Multiple PHP remote file inclusion vulnerabilities in the Recly Interactive Feederator comfeederator component 1.0.5 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the 1 mosConfigabsolutepath parameter to a addtmsp.php, b edittmsp.php and c tmsp.php in includes/tmsp...
MG2 0.5.1 (filename) Remote Code Execution Vulnerability
No description provided by source. ?php /000000000000----------------------000\\ /-00--------++++++++++++++++++ -- -- - MiniGal2MG2 v0.5.1 remote Code Injection | Z okazji urodzin ¿yczê sobie wszystkiego zajebistego Zawsze na odwrót lol '''''---" 0 ------------ \ A-L | """""" '--==9 Victoria heh...
MG2 0.5.1 (filename) Remote Code Execution Vulnerability
Exploit for unknown platform in category web applications ======================================================== MG2 0.5.1 filename Remote Code Execution Vulnerability ======================================================== and rest and ALL ---------++++++++++++================= -- =======--...
MG2 0.5.1 - filename Remote Code Execution
MG2 0.5.1 - filename Remote Code Execution and rest and ALL ---------++++++++++++================= -- =======-- ./.................. =======--////- VULN:includes\mg2functions.php function writecomments$filename LINE 555 --------- function writecomments$filename $filename = "pictures/" . $filename...
PHPX news_id SQL Injection Vulnerability (Nov 2008)
PHPX is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2008-5000
SQL injection vulnerability in admin/includes/news.inc.php in PHPX 3.5.16, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via uppercase characters in the newsid parameter...
CVE-2008-5000
CVE-2008-5000 is an SQL injection vulnerability in PHPX 3.5.16, exploitable when magic_quotes_gpc is disabled. The flaw resides in admin/includes/news.inc.php, allowing remote attackers to inject arbitrary SQL via the news_id parameter (uppercase input). Multiple sources reference this PHPX issue...
sharedlog CMS Remote File Includes
I have discovered a remote file include vulnerability in the sharedlog Content management system. http://www.shatm.com/ http://sourceforge.net/projects/sharedlog/ Vulnerable code segment: requireonce$GLOBALS'rootdir'.'classes/!class.memcache.inc.php'; Line 5 of slideshowuploadvideo.content.php As...
CVE-2008-4769
Directory traversal vulnerability in the getcategorytemplate function in wp-includes/theme.php in WordPress 2.3.3 and earlier, and 2.5, allows remote attackers to include and possibly execute arbitrary PHP files via the cat parameter in index.php. NOTE: some of these details are obtained from thi...
Directory traversal
Multiple directory traversal vulnerabilities in Freeway 1.4.1.171, when registerglobals is enabled, allow remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter to 1 includes/eventsapplicationtop.php; 2 english/account.php, 3 french/account.php, a...
CVE-2008-3677
Directory traversal vulnerability in includes/eventsapplicationtop.php in Freeway before 1.4.2.197 allows remote attackers to include and execute arbitrary local files via unspecified vectors...
CVE-2008-3489
SQL injection vulnerability in checkCookie function in includes/functions.inc.php in PHPX 3.5.16 allows remote attackers to execute arbitrary SQL commands via a PXL cookie...
Remote file inclusion
PHP remote file inclusion vulnerability in ktmlpro/includes/ktedit/toolbar.php in gapicms 9.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the dirDepth parameter...
gapicms v9.0.2 (dirDepth) Remote File Inclusion Vulnerability
gapicms v9.0.2 dirDepth Remote File Inclusion Vulnerability Found : Ghost Hacker R-H TeaM |, .-. .-. ,| HOME : www.Real-Hack.net | o/ o | Email : [email protected] |/ / | Script : gapicms v9.0.2 Download Script : http://heanet.dl.sourceforge.net/sourceforge/gapicms/gapicmsv9.0.2stable.tar.gz...
CVE-2008-2899
Technical details for CVE-2008-2899 are not publicly provided in the supplied documents. The initial description is generic, and connected records do not expose affected product specifics, root cause, or remediation.
Remote file inclusion
PHP remote file inclusion vulnerability in includes/header.inc.php in Dragoon 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the root parameter...