7195 matches found
CrisoftRicette 1.0 - 'Cookbook.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/18674/info CrisoftRicette is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing...
CrisoftRicette 1.0 - Cookbook.php Remote File Inclusion
CrisoftRicette 1.0 - Cookbook.php Remote File Inclusion source: https://www.securityfocus.com/bid/18674/info CrisoftRicette is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this iss...
MF Piadas 1.0 - admin.php Remote File Inclusion
MF Piadas 1.0 - admin.php Remote File Inclusion source: https://www.securityfocus.com/bid/18679/info MF Piadas is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containi...
MF Piadas 1.0 - 'admin.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/18679/info MF Piadas is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the...
[ECHO_ADV_34$2006] W-Agora (Web-Agora) <= 4.2.0 (inc_dir) Remote File Inclusion
ECHO.OR.ID ECHOADV34$2006 --------------------------------------------------------------------------------------------------- ECHOADV34$2006 W-Agora Web-Agora = 4.2.0 incdir Remote File Inclusion ---------------------------------------------------------------------------------------------------...
CVE-2006-3173
Multiple PHP remote file inclusion vulnerabilities in ContentBuilder 0.7.5 allow remote attackers to execute arbitrary PHP code via a URL in the 1 pathcb parameter to a libraries/comment/postComment.php and b modules/poll/poll.php, 2 rel parameter to c modules/archive/overview.inc.php, and the 3...
CVE-2006-3172
Multiple PHP remote file inclusion vulnerabilities in ContentBuilder 0.7.5 allow remote attackers to execute arbitrary PHP code via a URL with a trailing slash / character in the 1 langpath parameter to a cms/plugins/colman/column.inc.php, b cms/plugins/poll/poll.inc.php, c...
[SA20713] CMS Faethon "mainpath" File Inclusion and Cross-Site Scripting Vulnerabilities
---------------------------------------------------------------------- Want to join the Secunia Security Team? Secunia offers a position as a security specialist, where your daily work involves reverse engineering of software and exploit code, auditing of source code, and analysis of vulnerabilit...
Code injection
CMS Mundo before 1.0 build 008 does not properly verify uploaded image files, which allows remote attackers to execute arbitrary PHP code by uploading and later directly accessing certain files...
CVE-2006-2931
CMS Mundo before 1.0 build 008 does not properly verify uploaded image files, which allows remote attackers to execute arbitrary PHP code by uploading and later directly accessing certain files...
CVE-2006-3102
Race condition in articles/BitArticle.php in Bitweaver 1.3, when run on Apache with the modmime extension, allows remote attackers to execute arbitrary PHP code by uploading arbitrary files with double extensions, which are stored for a small period of time under the webroot in the temp/articles...
PictureDis Products "lang" Parameter File Inclusion Vulnerability
PictureDis Products "lang" Parameter File Inclusion Vulnerability ================================================= Input passed to the "lang" parameter in thumstbl.php, wpfiles.php, and wallpapr.php is not properly verified before being used to include files. This can be exploited to execute...
RahnemaCo - page.php PageID Remote File Inclusion
RahnemaCo - page.php PageID Remote File Inclusion source: https://www.securityfocus.com/bid/18490/info RahnemaCo is prone to a remote file-include vulnerability. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of t...
RahnemaCo - 'page.php' PageID Remote File Inclusion
source: https://www.securityfocus.com/bid/18490/info RahnemaCo is prone to a remote file-include vulnerability. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker ...
Indexu 5.0.1 - Multiple Remote File Inclusions
source: https://www.securityfocus.com/bid/18477/info Indexu is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containing...
mcGuestbook 1.3 - 'ecrire.php?lang' Remote File Inclusion
source: https://www.securityfocus.com/bid/18476/info mcGuestbook is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containing malicious PHP code an...
mcGuestbook 1.3 - 'admin.php?lang' Remote File Inclusion
source: https://www.securityfocus.com/bid/18476/info mcGuestbook is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containing malicious PHP code an...
mcGuestbook 1.3 - lire.php?lang Remote File Inclusion
mcGuestbook 1.3 - lire.php?lang Remote File Inclusion source: https://www.securityfocus.com/bid/18476/info mcGuestbook is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include...
mcGuestbook 1.3 - ecrire.php?lang Remote File Inclusion
mcGuestbook 1.3 - ecrire.php?lang Remote File Inclusion source: https://www.securityfocus.com/bid/18476/info mcGuestbook is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include...
mcGuestbook 1.3 - admin.php?lang Remote File Inclusion
mcGuestbook 1.3 - admin.php?lang Remote File Inclusion source: https://www.securityfocus.com/bid/18476/info mcGuestbook is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include...