4 matches found
FeehiCMS has an arbitrary file upload vulnerability
There is an arbitrary file upload vulnerability in FeehiCMS 2.0.8.1 at the head image upload, that allows attackers to execute relevant PHP code...
CVE-2008-7005
include/modules/top/1-randomquote.php in Minb Is Not a Blog minb 0.1.0 allows remote attackers to execute arbitrary PHP code via the quotestoedit parameter. NOTE: this issue has been reported as an unrestricted file upload by some sources, but that is a potential consequence of code execution...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in CARE2X 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter to 1 inccheckdatelang.php, 2 inccharsetfx.php, 3 incconfigcolor.php, 4 inccurrencyset.php, 5 incdbmakelink.php, 6 incdiagnosticsreportfx.php, 7...
Boonex 2.0 Dolphin - 'index.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/21182/info Dolphin is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to have malicious PHP code execute in the context of the webserver process. This may allow the...