CVE-2006-1922

PHP remote file inclusion vulnerability in 1 about.php or 2 auth.php in TotalCalendar allows remote attackers to execute arbitrary PHP code via a URL in the incdir parameter...

Monster Top List 1.4 - functions.php Remote File Inclusion

Monster Top List 1.4 - functions.php Remote File Inclusion source: https://www.securityfocus.com/bid/17546/info Monster Top List is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit thi...

CVE-2006-1784

PHP remote file inclusion vulnerability in admin/configset.php in Sphider 1.3 and earlier, when registerglobals is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the settingsdir parameter...

CVE-2006-1702

PHP remote file inclusion vulnerability in spiplogin.php3 in SPIP 1.8.3 allows remote attackers to execute arbitrary PHP code via a URL in the url parameter...

CVE-2006-1702

PHP remote file inclusion vulnerability in spiplogin.php3 in SPIP 1.8.3 allows remote attackers to execute arbitrary PHP code via a URL in the url parameter...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in SQuery 4.5 and earlier, as used in products such as Autonomous LAN party ALP, allow remote attackers to execute arbitrary PHP code via a URL in the libpath parameter to scripts in the lib directory including 1 ase.php, 2 devi.php, 3 doom3.php,...

Indexu 5.0 - Multiple Remote File Inclusions

Indexu 5.0 - Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/17470/info The 'indexu' application is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can explo...

horde_help_module.pm.txt

Title: Horde package Msf::Exploit::hordehelpmodule; use base "Msf::Exploit"; use strict; use Pex::Text; use bytes; my $advanced = ; my $info = 'Name' = 'Horde help viewer module remote PHP code execution', 'Version' = '$Revision: 1.0 $', 'Authors' = 'inkubus ' , 'Arch' = , 'OS' = , 'Priv' = 0,...

Horde <= 3.0.9 3.1.0 (Help Viewer) Remote Code Execution (metasploit)

No description provided by source. Title: Horde = 3.0.9, 3.1.0 Help Viewer Remote PHP Code Execution Vulnerability Name: hordehelpmodule.pm License: Artistic/BSD/GPL Info: Trying to get the command execution exploits out of the way on milw0rm.com. M's are always good. - This is an exploit module...

Horde 3.0.9/3.1.0 - Help Viewer Remote Code Execution (Metasploit)

Title: Horde package Msf::Exploit::hordehelpmodule; use base "Msf::Exploit"; use strict; use Pex::Text; use bytes; my $advanced = ; my $info = 'Name' = 'Horde help viewer module remote PHP code execution', 'Version' = '$Revision: 1.0 $', 'Authors' = 'inkubus ' , 'Arch' = , 'OS' = , 'Priv' = 0,...

CVE-2006-1596

PHP remote file inclusion vulnerability in learnPath/include/scormExport.inc.php in Claroline 1.7.4 and earlier allows remote attackers to execute arbitrary PHP code via the includePath parameter...

CVE-2006-1596

PHP remote file inclusion vulnerability in learnPath/include/scormExport.inc.php in Claroline 1.7.4 and earlier allows remote attackers to execute arbitrary PHP code via the includePath parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in index.php in MediaSlash Gallery allows remote attackers to execute arbitrary PHP code via a URL in the rub parameter part of the $pagemenu variable...

MediaSlash Gallery - index.php Remote File Inclusion

MediaSlash Gallery - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/17323/info MediaSlash Gallery is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this...

Mambo Open Source Multiple Vulnerabilities

The remote installation of Mambo Open Source fails to sanitize input to the 'mosusertemplate' cookie before using it to include PHP code from a local file. An unauthenticated attacker may be able to exploit this issue to view arbitrary files or to execute arbitrary PHP code on the affected host. ...

Remote file inclusion

PHP remote file include vulnerability in PageController.php in KnowledgebasePublisher 1.2 allows remote attackers to include and execute arbitrary PHP code via a URL in the dir parameter...

CVE-2006-1252

Eval injection vulnerability in cal.php in Light Weight Calendar LWC 1.0 allows remote attackers to execute arbitrary PHP code via the date parameter to index.php...

EV0089.txt

New eVuln Advisory: FreeForum PHP Code Execution & Multiple XSS Vulnerabilities http://evuln.com/vulns/89/summary.html --------------------Summary---------------- eVuln ID: EV0089 CVE: CVE-2006-0957 CVE-2006-0958 Vendor: ZoneO-Soft Vendor's Web Site: http://soft.zoneo.net/ Software: FreeForum...

EV0087.txt

New eVuln Advisory: ShoutLIVE PHP Code Execution & Multiple XSS Vulnerabilities http://evuln.com/vulns/87/summary.html --------------------Summary---------------- eVuln ID: EV0087 CVE: CVE-2006-0940 CVE-2006-0941 Software: ShoutLIVE Sowtware's Web Site:...

Limbo CMS <= 1.0.4.2 (ItemID) Remote Code Execution Exploit (meta)

No description provided by source. Title: Limbo CMS version 1.x suffers from a remote code execution vulnerability. Name: limbocms1x.pm License: Artistic/BSD/GPL Info: Trying to get the command execution exploits out of the way on milw0rm.com. M's are always good. - This is an exploit module for...