Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in b2evolution allow remote attackers to execute arbitrary PHP code via a URL in the 1 incpath parameter to a anoskin.php, b astub.php, c admin.php, d contact.php, e default.php, f index.php, and g multiblogs.php in blogs/; the 2 viewpath and 3...

Remote file inclusion

PHP remote file inclusion vulnerability in searchbot.php in Searchactivity allows remote attackers to execute arbitrary PHP code via a URL in the path parameter...

CVE-2007-2327

PHP remote file inclusion vulnerability in editor.php in HTMLeditbox 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the settingsappdir parameter...

CVE-2007-2325

PHP remote file inclusion vulnerability in include.php in MyNewsGroups : allows remote attackers to execute arbitrary PHP code via a URL in the myngroot parameter...

CVE-2007-2329

PHP remote file inclusion vulnerability in searchbot.php in Searchactivity allows remote attackers to execute arbitrary PHP code via a URL in the path parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in install/index.php in BlooFoxCMS 0.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the contentphp parameter. NOTE: this issue has been disputed by a reliable third party, stating that contentphp is initialized before use...

CVE-2007-2317

Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum 1.5a and earlier, as used by TOSMO/Mambo 4.0.12 and probably other products, allow remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter to bbplugins.php in 1 components/minibb/ or 2...

CVE-2007-2307

PHP remote file inclusion vulnerability in engine/engine.inc.php in WebKalk2 1.9.0 allows remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter...

CVE-2007-2288

PHP remote file inclusion vulnerability in info.php in Doruk100.net doruk100net allows remote attackers to execute arbitrary PHP code via a URL in the file parameter...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Download-Engine 1.4.3 allow remote attackers to execute arbitrary PHP code via a URL in the 1 engdir parameter to addmember.php, 2 langpath parameter to admin/enginelib/class.phpmailer.php, and the 3 spawroot parameter to...

CVE-2007-2258

PHP remote file inclusion vulnerability in includes/init.inc.php in PHPMyBibli allows remote attackers to execute arbitrary PHP code via a URL in the basepath parameter...

CVE-2007-2255

Multiple PHP remote file inclusion vulnerabilities in Download-Engine 1.4.3 allow remote attackers to execute arbitrary PHP code via a URL in the 1 engdir parameter to addmember.php, 2 langpath parameter to admin/enginelib/class.phpmailer.php, and the 3 spawroot parameter to...

CVE-2007-2236

footer.php in PunBB 1.2.14 and earlier allows remote attackers to include local files in include/user/ via a cross-site scripting XSS attack, or via the puninclude tag, as demonstrated by use of adminoptions.php to execute PHP code from an uploaded avatar file...

Cross site scripting

footer.php in PunBB 1.2.14 and earlier allows remote attackers to include local files in include/user/ via a cross-site scripting XSS attack, or via the puninclude tag, as demonstrated by use of adminoptions.php to execute PHP code from an uploaded avatar file...

HTMLEditBox 2.2 - config.php Remote File Inclusion

HTMLEditBox 2.2 - config.php Remote File Inclusion source: https://www.securityfocus.com/bid/23664/info htmlEditbox is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this vulnerability to execute malicious PHP cod...

HTMLEditBox 2.2 - 'config.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/23664/info htmlEditbox is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this vulnerability to execute malicious PHP code in the context of the webserver. This may allow t...

Remote file inclusion

PHP remote file inclusion vulnerability in lib/pcltar.lib.php aka pcltar.php in the PclTar module 1.3 and 1.3.1 for Vincent Blavet PhpConcept Library, as used in multiple products including 1 Joomla! 1.5.0 Beta, 2 N/X Web Content Management System WCMS 4.5, 3 CJG EXPLORER PRO 3.3, and 4...

Remote file inclusion

PHP remote file inclusion vulnerability in admin/adminalbumotf.php in the MX Smartor Full Album Pack FAP 2.0 RC1 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

CVE-2007-2189

PHP remote file inclusion vulnerability in admin/adminalbumotf.php in the MX Smartor Full Album Pack FAP 2.0 RC1 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

CVE-2007-2190

PHP remote file inclusion vulnerability in admin/public/webpages.php in Eba News 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter...