Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in SLAED CMS 2 allow remote attackers to execute arbitrary PHP code via a URL in the 1 path parameter to admin/admin.php or the 2 modpath parameter to index.php...

CVE-2007-1976

PHP remote file inclusion vulnerability in index.php in the Virii Info 1.10 and earlier module for Xoops allows remote attackers to execute arbitrary PHP code via a URL in the xoopsConfigrootpath parameter. NOTE: the issue has been disputed by a reliable third party, stating that the application'...

Chatness 2.5.3 - options.phpsave.php Remote Code Execution

Chatness 2.5.3 - options.phpsave.php Remote Code Execution ?/ Files: options.php, save.php Affects: Chatness = 2.5.3 Date: 12th April 2007 Issue Description: =========================================================================== Chatness suffers with two main vulnerabilities, the first of...

CVE-2007-1967

PHP remote file inclusion vulnerability in index.php in stat12 allows remote attackers to execute arbitrary PHP code via a URL in the langpath parameter. NOTE: this issue was published by an unreliable researcher, and there is little information to determine which product is actually affected. Th...

Crea-Book <= 1.0 Admin Access Bypass / DB Disclosure / Code Execution

/======================================= | Advisory :: Crea-Book = 1.0 | +=======================================+--------------------------------------------------------------- | | | Download link : http://www.comscripts.com/scripts/php.creabook.1359.html | | Type : Guestbook | | Vuln. found :...

MyNews 4.2.2 - Week_Events.php Remote File Inclusion

MyNews 4.2.2 - WeekEvents.php Remote File Inclusion source: https://www.securityfocus.com/bid/23398/info MyNews is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files containin...

MyNews 4.2.2 - 'Week_Events.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/23398/info MyNews is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files containing malicious PHP code and execute it in the context o...

mybb-exec.txt

!/usr/bin/php escapestring. They don't corrected the function this is a choice ... the bad and they forgot to correct 1 only SQL request. They must correct the problem at the source = if$argc URL: http://www.acid-root.new.fr/ -----------------------------------------------------------------------...

CVE-2007-1844

Multiple PHP remote file inclusion vulnerabilities in Aardvark Topsites PHP 5 allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to 1 button/settingssql.php, 2 settingssql.php, and 3 sources/misc/newday.php...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Aardvark Topsites PHP 5 allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to 1 button/settingssql.php, 2 settingssql.php, and 3 sources/misc/newday.php...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in 2BGal 3.1.1 allow remote attackers to execute arbitrary PHP code via a URL in the langfilename parameter to 1 index.php or 2 backupdb.inc.php in admin/, or other unspecified files, different vectors than CVE-2006-5505. NOTE: this issue has bee...

Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability

----------------------------------------------------------------------------------------- Maplab = 2.2.1 gszAppPath Remote File Inclusion Vulnerability ----------------------------------------------------------------------------------------- Author : Mufti Rizal a.k.a mbahngarso Date : March, 30t...

CVE-2007-1818

PHP remote file inclusion vulnerability in MODforumfieldsparse.php in the Forum picture and META tags 1.7 module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

CVE-2007-1818

PHP remote file inclusion vulnerability in MODforumfieldsparse.php in the Forum picture and META tags 1.7 module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

CVE-2007-1812

PHP remote file inclusion vulnerability in utilitaires/gestionsondage.php in BT-Sondage 112 allows remote attackers to execute arbitrary PHP code via a URL in the repertoirevisiteur parameter...

Information disclosure

JCcorp URLshrink 1.3.1 allows remote attackers to execute arbitrary PHP code via the email address field in an HTML link. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2007-1795

JCcorp URLshrink 1.3.1 allows remote attackers to execute arbitrary PHP code via the email address field in an HTML link. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2006-7185

PHP remote file inclusion vulnerability in includes/userstandard.php in CMSmelborp Beta allows remote attackers to execute arbitrary PHP code via a URL in the relativeroot parameter...

CVE-2006-7182

PHP remote file inclusion vulnerability in noticias.php in MNews 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the inc parameter...

CVE-2007-1775

Unrestricted file upload vulnerability in upload.php3 in JBrowser 2.4 and earlier allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...