Lucene search
K

727 matches found

Cvelist
Cvelist
added 2009/02/24 6:0 p.m.50 views

CVE-2008-6251

PHP remote file inclusion vulnerability in includes/init.php in phpFan 3.3.4 allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter...

7.5AI score0.02031EPSS
Exploits1References5
Prion
Prion
added 2009/02/11 8:30 p.m.14 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in SnippetMaster 2.2.2, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the 1 SESSIONSCRIPTPATH parameter to includes/vars.inc.php and the 2 gpcltarlibdir parameter to...

6.8CVSS8.2AI score0.01861EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2009/02/10 7:0 a.m.14 views

Directory traversal

Multiple directory traversal vulnerabilities in AJA Portal 1.2 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the currentlang parameter to admin/case.php in the 1 ContactPlus and 2 Reviews modules, and 3 the modulename parameter to...

7.5CVSS7.9AI score0.06105EPSS
Exploits1References5Affected Software1
seebug.org
seebug.org
added 2009/01/18 12:0 a.m.19 views

SCMS v1 (index.php p) Local File Inclusion Vulnerability

No description provided by source. --:local file include:-- --------------------------------- script:simple content management system v 1 ------------------------------------------------------- download from:http://futurekast.com/fcms/php/SCMSv1.zip...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2008/12/31 11:0 a.m.26 views

CVE-2008-5789

Multiple PHP remote file inclusion vulnerabilities in the Recly Interactive Feederator comfeederator component 1.0.5 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the 1 mosConfigabsolutepath parameter to a addtmsp.php, b edittmsp.php and c tmsp.php in includes/tmsp...

7.7AI score0.30093EPSS
Exploits2References4
seebug.org
seebug.org
added 2008/12/09 12:0 a.m.15 views

MG2 0.5.1 (filename) Remote Code Execution Vulnerability

No description provided by source. ?php /000000000000----------------------000\\ /-00--------++++++++++++++++++ -- -- - MiniGal2MG2 v0.5.1 remote Code Injection | Z okazji urodzin ¿yczê sobie wszystkiego zajebistego Zawsze na odwrót lol '''''---" 0 ------------ \ A-L | """""" '--==9 Victoria heh...

7.1AI score
Exploits0
0day.today
0day.today
added 2008/12/08 12:0 a.m.14 views

MG2 0.5.1 (filename) Remote Code Execution Vulnerability

Exploit for unknown platform in category web applications ======================================================== MG2 0.5.1 filename Remote Code Execution Vulnerability ======================================================== and rest and ALL ---------++++++++++++================= -- =======--...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/12/08 12:0 a.m.10 views

MG2 0.5.1 - filename Remote Code Execution

MG2 0.5.1 - filename Remote Code Execution and rest and ALL ---------++++++++++++================= -- =======-- ./.................. =======--////- VULN:includes\mg2functions.php function writecomments$filename LINE 555 --------- function writecomments$filename $filename = "pictures/" . $filename...

8.1AI score
Exploits0
OpenVAS
OpenVAS
added 2008/11/14 12:0 a.m.40 views

PHPX news_id SQL Injection Vulnerability (Nov 2008)

PHPX is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS7.7AI score0.00949EPSS
Exploits0References3
Cvelist
Cvelist
added 2008/11/10 11:0 a.m.24 views

CVE-2008-5000

SQL injection vulnerability in admin/includes/news.inc.php in PHPX 3.5.16, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via uppercase characters in the newsid parameter...

8.3AI score0.00949EPSS
Exploits0References4
CVE
CVE
added 2008/11/10 11:0 a.m.89 views

CVE-2008-5000

CVE-2008-5000 is an SQL injection vulnerability in PHPX 3.5.16, exploitable when magic_quotes_gpc is disabled. The flaw resides in admin/includes/news.inc.php, allowing remote attackers to inject arbitrary SQL via the news_id parameter (uppercase input). Multiple sources reference this PHPX issue...

6.8CVSS8.3AI score0.00949EPSS
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2008/11/01 12:0 a.m.45 views

sharedlog CMS Remote File Includes

I have discovered a remote file include vulnerability in the sharedlog Content management system. http://www.shatm.com/ http://sourceforge.net/projects/sharedlog/ Vulnerable code segment: requireonce$GLOBALS'rootdir'.'classes/!class.memcache.inc.php'; Line 5 of slideshowuploadvideo.content.php As...

1.1AI score
Exploits0
NVD
NVD
added 2008/10/28 10:30 a.m.34 views

CVE-2008-4769

Directory traversal vulnerability in the getcategorytemplate function in wp-includes/theme.php in WordPress 2.3.3 and earlier, and 2.5, allows remote attackers to include and possibly execute arbitrary PHP files via the cat parameter in index.php. NOTE: some of these details are obtained from thi...

9.3CVSS7.3AI score0.08974EPSS
Exploits1References6
Prion
Prion
added 2008/08/22 4:41 p.m.11 views

Directory traversal

Multiple directory traversal vulnerabilities in Freeway 1.4.1.171, when registerglobals is enabled, allow remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter to 1 includes/eventsapplicationtop.php; 2 english/account.php, 3 french/account.php, a...

6.8CVSS7.5AI score0.02387EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2008/08/14 7:41 p.m.14 views

CVE-2008-3677

Directory traversal vulnerability in includes/eventsapplicationtop.php in Freeway before 1.4.2.197 allows remote attackers to include and execute arbitrary local files via unspecified vectors...

6.8CVSS7.1AI score0.01236EPSS
Exploits0References4
NVD
NVD
added 2008/08/06 5:41 p.m.18 views

CVE-2008-3489

SQL injection vulnerability in checkCookie function in includes/functions.inc.php in PHPX 3.5.16 allows remote attackers to execute arbitrary SQL commands via a PXL cookie...

7.5CVSS8.3AI score0.0101EPSS
Exploits0References4
Prion
Prion
added 2008/07/15 6:41 p.m.17 views

Remote file inclusion

PHP remote file inclusion vulnerability in ktmlpro/includes/ktedit/toolbar.php in gapicms 9.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the dirDepth parameter...

7.5CVSS8AI score0.03117EPSS
Exploits0References6Affected Software1
securityvulns
securityvulns
added 2008/07/12 12:0 a.m.35 views

gapicms v9.0.2 (dirDepth) Remote File Inclusion Vulnerability

gapicms v9.0.2 dirDepth Remote File Inclusion Vulnerability Found : Ghost Hacker R-H TeaM |, .-. .-. ,| HOME : www.Real-Hack.net | o/ o | Email : [email protected] |/ / | Script : gapicms v9.0.2 Download Script : http://heanet.dl.sourceforge.net/sourceforge/gapicms/gapicmsv9.0.2stable.tar.gz...

0.4AI score
Exploits0
CVE
CVE
added 2008/06/27 6:0 p.m.41 views

CVE-2008-2899

Technical details for CVE-2008-2899 are not publicly provided in the supplied documents. The initial description is generic, and connected records do not expose affected product specifics, root cause, or remediation.

10CVSS6.6AI score0.01495EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2008/04/14 4:5 p.m.10 views

Remote file inclusion

PHP remote file inclusion vulnerability in includes/header.inc.php in Dragoon 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the root parameter...

6.8CVSS8AI score0.2437EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder