1982 matches found
CVE-2006-5310
PHP remote file inclusion vulnerability in common/visiteurs/include/menus.inc.php in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences phpMyConference 8.0.2 and possibly other products, allows remote attackers to execute arbitrary PHP code via a URL in the lvcincludedir parameter...
CVE-2006-5289
Multiple PHP remote file inclusion vulnerabilities in Vtiger CRM 4.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the calpath parameter to 1 modules/Calendar/admin/update.php, 2 modules/Calendar/admin/scheme.php, or 3 modules/Calendar/calendar.php...
CVE-2006-5281
PHP remote file inclusion vulnerability in naboardpnr.php in n@board 3.1.9e and earlier allows remote attackers to execute arbitrary PHP code via a URL in the skin parameter...
CVE-2006-5252
PHP remote file inclusion vulnerability in includes/core.lib.php in Webmedia Explorer 2.8.7 allows remote attackers to execute arbitrary PHP code via a URL in the pathinclude parameter...
CVE-2006-5241
Multiple PHP remote file inclusion vulnerabilities in OpenDock Easy Gallery 1.4 and earlier, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the docdirectory parameter in 1 file.php; 2 finduser.php, 3 libuser.php, 4 libformuser.php, and 5 user.ph...
CVE-2006-5230
PHP remote file inclusion vulnerability in forum.php in FreeForum 0.9.7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the fpath parameter...
PHP Live! <= 3.1 help.php Remote File Inclusion vulnerability
/ -------------------------------------------------------- Neo Security Team NST - Advisory 25 - 08/10/06 -------------------------------------------------------- Program: PHP Live! Homepage: http://www.phplivesupport.com/ Vulnerable Versions: 3.1 and prior Risk: High! Impact: Critical Risk -==PH...
FreeBSD : phpbb -- NULL byte injection vulnerability (86526ba4-53c8-11db-8f1a-000a48049292)
Secunia reports : ShAnKaR has discovered a vulnerability in phpBB, which can be exploited by malicious users to compromise a vulnerable system. Input passed to the 'avatarpath' parameter in admin/adminboard.php is not properly sanitised before being used as a configuration variable to store avata...
PixelMotionV2.1.1.txt
!/usr/bin/perl Affected.scr..: Blog Pixel Motion V2.1.1 Poc.ID........: 12060927 Type..........: PHP Code Execution stripslashes, SQL Injection urldecode Risk.level....: High Vendor.Status.: Unpatched Src.download..: www.pixelmotion.org/zip/blog2.1.zip Poc.link......:...
CVE-2006-5068
PHP remote file inclusion vulnerability in admin/index.php in Brudaswen 1 BrudaNews 1.1 and earlier and 2 BrudaGB 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the o parameter...
Blog Pixel Motion 2.1.1 PHP Code Execution / Create Admin Exploit
Exploit for unknown platform in category web applications ================================================================= Blog Pixel Motion 2.1.1 PHP Code Execution / Create Admin Exploit ================================================================= !/usr/bin/perl Affected.scr..: Blog Pixel...
Blog Pixel Motion 2.1.1 - PHP Code Execution Create Admin
Blog Pixel Motion 2.1.1 - PHP Code Execution Create Admin !/usr/bin/perl Affected.scr..: Blog Pixel Motion V2.1.1 Poc.ID........: 12060927 Type..........: PHP Code Execution stripslashes, SQL Injection urldecode Risk.level....: High Vendor.Status.: Unpatched Src.download..:...
Blog Pixel Motion 2.1.1 PHP Code Execution / Create Admin Exploit
No description provided by source. !/usr/bin/perl Affected.scr..: Blog Pixel Motion V2.1.1 Poc.ID........: 12060927 Type..........: PHP Code Execution stripslashes, SQL Injection urldecode Risk.level....: High Vendor.Status.: Unpatched Src.download..: www.pixelmotion.org/zip/blog2.1.zip...
PT-2006-5603 · Hitweb · Hitweb
Name of the Vulnerable Software and Affected Versions: Hitweb versions 3.0 Description: The issue concerns remote file inclusion vulnerabilities in Hitweb 3.0, allowing remote attackers to execute arbitrary PHP code. This is achieved by providing a URL in the REP CLASS parameter to various PHP...
CVE-2006-4770
PHP remote file inclusion vulnerability in menu.php in MiniPort@l 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the skiny parameter...
solpot-adv-06.txt
SolpotCrew Community Mcgallerypro pathtofolder Remote File Inclusion Download file : http://phpforums.net/mcgp/mcgp.zip/mcgp.zip Bug Found By :Solpot a.k.a k. Hasibuan 10-09-2006 contact: [email protected] Website : http://www.nyubicrew.org/adv/solpot-adv-06.txt Greetz: choi , h4ntu ,...
CVE-2006-4722
PHP remote file inclusion vulnerability in Open Bulletin Board OpenBB 1.0.8 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter to 1 index.php and possibly 2 collector.php...
mcGalleryPRO 2006 - 'path_to_folder' Remote File Inclusion
SolpotCrew Community Mcgallerypro pathtofolder Remote File Inclusion Download file : http://phpforums.net/mcgp/mcgp.zip/mcgp.zip Bug Found By :Solpot a.k.a k. Hasibuan 10-09-2006 contact: [email protected] Website : http://www.nyubicrew.org/adv/solpot-adv-06.txt Greetz: choi , h4ntu ,...
softbb01.txt
!/usr/bin/perl Affected.scr..: SoftBB 0.1 Poc.ID........: 11060904 Type..........: PHP code execution, SQL Injection, Full Path Disclosure Risk.level....: High Vendor.Status.: Unpatched Src.download..: softbb.be Poc.link......: acid-root.new.fr/poc/11060904.txt Advisory.link.:...
CVE-2006-4605
The CVE describes a PHP remote file inclusion vulnerability in Longino Jacome php-Revista 1.1.2, exploitable via the adodb parameter in index.php, allowing remote attackers to execute arbitrary PHP code. The NVD entry records a CVSS v2 base score of 7.5 (HIGH) with network attack vector and low a...