CVE-2008-0782

Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows remote attackers to overwrite arbitrary files via a .. dot dot in the MOINID user ID in a cookie for a userform action. NOTE: this issue can be leveraged for PHP code execution via the quicklinks parameter...

Directory traversal

Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows remote attackers to overwrite arbitrary files via a .. dot dot in the MOINID user ID in a cookie for a userform action. NOTE: this issue can be leveraged for PHP code execution via the quicklinks parameter...

CVE-2008-0782

CVE-2008-0782 describes a directory traversal in MoinMoin up to version 1.5.8 and earlier. An attacker could overwrite arbitrary files by sending a dot-dot in the MOIN_ID cookie during a userform action; the issue could also enable PHP code execution via the quicklinks parameter. The vulnerabilit...

CVE-2008-0782

Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows remote attackers to overwrite arbitrary files via a .. dot dot in the MOINID user ID in a cookie for a userform action. NOTE: this issue can be leveraged for PHP code execution via the quicklinks parameter...

CVE-2008-0782

Removed by vendor...

CVE-2008-0566

PHP remote file inclusion vulnerability in includes/smarty.php in DeltaScripts PHP Links 1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the fullpathtopublicprogram parameter...

Design/Logic Flaw

Eval injection vulnerability in admin/op/disp.php in Netwerk Smart Publisher 1.0.1 allows remote attackers to execute arbitrary PHP code via the filedata parameter...

CVE-2008-0222

Unrestricted file upload vulnerability in ajaxfilemanager.php in the Wp-FileManager 1.2 plugin for WordPress allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors...

CVE-2007-6550

PMOS Help Desk 2.4 and earlier is affected by CVE-2007-6550. form.php redirects without exiting, enabling remote attackers to perform eval injection and execute arbitrary PHP code via the options array parameter. Affected component: PMOS Help Desk’s PHP form handling. Root cause: missing exit aft...

CVE-2007-6464

Multiple PHP remote file inclusion vulnerabilities in Form tools 1.5.0b allow remote attackers to execute arbitrary PHP code via a URL in the grootdir parameter to 1 adminpageopen.php and 2 clientpageopen.php in global/templates/...

Remote file inclusion

PHP remote file inclusion vulnerability in blocks/blocksitemap.php in ViArt 1 CMS 3.3.2, 2 HelpDesk 3.3.2, 3 Shop Evaluation 3.3.2, and 4 Shop Free 3.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the rootfolderpath parameter. NOTE: some of these details are obtained from...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Ossigeno CMS 2.2 pre1 allow remote attackers to execute arbitrary PHP code via a URL in the 1 level parameter to a installmodule.php and b uninstallmodule.php in upload/xax/admin/modules/, c upload/xax/admin/patch/index.php, and d...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Charray's CMS 0.9.3 allow remote attackers to execute arbitrary PHP code via a URL in the ccmslibrarypath parameter to 1 markdown.php and 2 gallery.php in decoder/...

Remote file inclusion

PHP remote file inclusion vulnerability in admin/kfm/initialise.php in DevMass Shopping Cart 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the kfmbasepath parameter...

CVE-2007-6139

PHP remote file inclusion vulnerability in index.php in Mp3 ToolBox 1.0 beta 5 allows remote attackers to execute arbitrary PHP code via a URL in the skinfile parameter...

CVE-2007-6133

PHP remote file inclusion vulnerability in admin/kfm/initialise.php in DevMass Shopping Cart 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the kfmbasepath parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in admin/index.php in nuBoard 0.5 allows remote attackers to execute arbitrary PHP code via a URL in the site parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in includes/common.php in scWiki 1.0 Beta 2 allows remote attackers to execute arbitrary PHP code via a URL in the pathdot parameter...

scribe-exec.txt

--------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg --------------------------------------------------------------- Scribe...

CVE-2007-5781

PHP remote file inclusion vulnerability in inc/sigeinit.php in Sige 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the SYSPATH parameter...