CVE-2007-2647

CVE-2007-2647 affects Monalbum 0.8.7. A static code injection vulnerability in admin/admin_configuration.php allows remote authenticated users to inject arbitrary PHP code into conf/config.inc.php by manipulating one of 28 parameters (e.g., gadm_pass, gadm_user, gcfgBase, etc.). The NVD entry doc...

CVE-2007-2647

Static code injection vulnerability in admin/adminconfiguration.php in Monalbum 0.8.7 allows remote authenticated users to inject arbitrary PHP code into the conf/config.inc.php file via the 1 gadmpass, 2 gadmuser, 3 gcfgHote, 4 gcfgPass, 5 gcfgUser, 6 gclassementrep, 7 gcontour, 8 gfond, 9...

CVE-2007-2628

CVE-2007-2628 affects Justin Koivisto’s SecurityAdmin for PHP (PHPSecurityAdmin) v4.0.2. The vulnerability is a PHP remote file inclusion in include/logout.php that allows an attacker to execute arbitrary PHP code by supplying a URL via the PSA_PATH parameter. Documented impact is arbitrary code ...

Remote file inclusion

PHP remote file inclusion vulnerability in examples/widget8.php in phpHtmlLib 2.4.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phphtmllib parameter...

CVE-2007-2609

Multiple PHP remote file inclusion vulnerabilities in gnuedu 1.3b2 allow remote attackers to execute arbitrary PHP code via a URL in the a ETCDIR parameter to 1 libs/lom.php; 2 lomupdate.php, 3 check-lom.php, and 4 weighkeywords.php in scripts/; the b LIBSDIR parameter to 5 logout.php, 6 help.php...

EUVD-2007-2590

Multiple PHP remote file inclusion vulnerabilities in telltarget CMS 1.3.3 allow remote attackers to execute arbitrary PHP code via a URL in the 1 ordnertiefe parameter to siteconf.php; or the 2 ttdocroot parameter to a class.csv.php, b produktenachserie.php, or c refkdrubrik.php in functionen/; ...

CVE-2007-2614

PHP remote file inclusion vulnerability in examples/widget8.php in phpHtmlLib 2.4.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phphtmllib parameter...

CVE-2007-2611

Multiple PHP remote file inclusion vulnerabilities in CGX 20050314 allow remote attackers to execute arbitrary PHP code via a URL in the pathCGX parameter to 1 mtdialogo.php, 2 ltdialogo.php, 3 login.php, and 4 logingecon.php in inc/; and multiple unspecified files in frm/, sql/, and cns/...

CVE-2007-2575

PHP remote file inclusion vulnerability in watermark.php in the vm aka Jean-Francois Laflamme watermark 0.4.1 mod for Gallery allows remote attackers to execute arbitrary PHP code via a URL in the GALLERYBASEDIR parameter...

CVE-2007-2575

PHP remote file inclusion vulnerability in watermark.php in the vm aka Jean-Francois Laflamme watermark 0.4.1 mod for Gallery allows remote attackers to execute arbitrary PHP code via a URL in the GALLERYBASEDIR parameter...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in PMECMS 1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the configpathMod parameter to index.php in 1 mod/image/, 2 mod/liens/, 3 mod/liste/, 4 mod/special/, or 5 mod/texte/...

CVE-2007-2527

Multiple PHP remote file inclusion vulnerabilities in DynamicPAD before 1.03.31 allow remote attackers to execute arbitrary PHP code via a URL in the HomeDir parameter to 1 dplogs.php or 2 index.php...

nuked176-exec.txt

Website: http://www.acid-root.new.fr/ PHP conditions: None = Private since 2 months. errorreportingEALL ^ ENOTICE; This file require the PhpSploit class. require"phpsploitclass.php"; If you want to use this class, the latest version can be downloaded from acid-root.new.fr. $xpl = new phpsploit;...

Nuked-klaN 1.7.6 Remote Code Execution Exploit

No description provided by source. ?php Nuked-klaN 1.7.6 Remote Code Execution Exploit ------------------------------------------------ Author: DarkFig [email protected] Website: http://www.acid-root.new.fr/ PHP conditions: None = Private since 2 months. errorreportingEALL ^ ENOTICE; This file...

Nuked-klaN 1.7.6 - Remote Code Execution

Nuked-klaN 1.7.6 - Remote Code Execution Website: http://www.acid-root.new.fr/ PHP conditions: None = Private since 2 months. errorreportingEALL ^ ENOTICE; This file require the PhpSploit class. $xpl = new phpsploit; $url = 'http://localhost/nk/'; url $prx = ''; proxy : $pra = ''; basic...

Remote file inclusion

PHP remote file inclusion vulnerability in phpMyChat.php3 in phpMyChat 0.14.5 allows remote attackers to execute arbitrary PHP code via a URL in the ChatPath parameter. NOTE: this has been disputed by multiple third parties and CVE because $ChatPath is set to a constant value...

WordPress WP Table Plugin <= 1.43 - Remote File Inclusion

Because of this vulnerability, the attackers can execute arbitrary PHP code via a URL in the "wpPATH" parameter. Solution Update the WordPress WP Table plugin to the latest available version at least 1.44...

WordPress wordTube Plugin <= 1.43 - Remote File Inclusion

Because of this vulnerability, the attackers can execute arbitrary PHP code via a URL in the "wpPATH" parameter. Solution Update the WordPress wordTube plugin to the latest available version at least 1.44...

Remote file inclusion

PHP remote file inclusion vulnerability in myfunctions/mygallerybrowser.php in the myGallery 1.4b4 and earlier plugin for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the myPath parameter...

CVE-2007-2426

PHP remote file inclusion vulnerability in myfunctions/mygallerybrowser.php in the myGallery 1.4b4 and earlier plugin for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the myPath parameter...