8 matches found
TSEP colorswitch.php tsep_configabsPath Parameter PHP Code Execution - Ver2 (CVE-2006-3993)
A code execution vulnerability has been reported in Olaf Noehring The Search Engine Project TSEP. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2006-4085
PHP remote file inclusion vulnerability in Olaf Noehring The Search Engine Project TSEP 0.942 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the tsepconfigabsPath parameter to pagenavigation.php, a different vector than CVE-2006-4055. NOTE: the provenance of this...
CVE-2006-4085
CVE-2006-4085 describes a PHP remote file inclusion vulnerability in Olaf Noehring The Search Engine Project (TSEP) 0.942 and earlier. The flaw allows remote attackers to execute arbitrary PHP code by supplying a URL in the tsep_config[absPath] parameter to pagenavigation.php (a vector distinct f...
CVE-2006-4055
Multiple PHP remote file inclusion vulnerabilities in Olaf Noehring The Search Engine Project TSEP 0.942 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the tsepconfigabsPath parameter to 1 include/colorswitch.php, 2 contentimages.class.php, 3 ipfunctions.php, 4...
CVE-2006-4055
Multiple PHP remote file inclusion vulnerabilities in Olaf Noehring The Search Engine Project TSEP 0.942 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the tsepconfigabsPath parameter to 1 include/colorswitch.php, 2 contentimages.class.php, 3 ipfunctions.php, 4...
CVE-2006-4055
CVE-2006-4055 concerns multiple PHP remote file inclusion vulnerabilities in Olaf Noehring The Search Engine Project (TSEP) 0.942 and earlier. The issue is triggered via the tsep_config[absPath] parameter and affects (1) include/colorswitch.php, (2) contentimages.class.php, (3) ipfunctions.php, (...
CVE-2006-3993
PHP remote file inclusion vulnerability in copyright.php in Olaf Noehring The Search Engine Project TSEP 0.942 allows remote attackers to execute arbitrary PHP code via a URL in the tsepconfigabsPath parameter...
CVE-2006-3993
The CVE-2006-3993 entry describes a PHP remote file inclusion vulnerability in Olaf Noehring The Search Engine Project (TSEP) 0.942, specifically in copyright.php. The underlying issue is that the tsep_config[absPath] parameter can be controlled by an attacker to supply a URL, enabling remote cod...