CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7195 matches found

exploitpack•added 2006/06/02 12:0 a.m.•15 views

Ovidentia 5.6.x5.8 - vacadm.php?babInstallPath Remote File Inclusion

Ovidentia 5.6.x5.8 - vacadm.php?babInstallPath Remote File Inclusion source: https://www.securityfocus.com/bid/18232/info Ovidentia is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues...

0.7AI score

Exploits0

exploitpack•added 2006/06/02 12:0 a.m.•9 views

Ovidentia 5.6.x5.8 - vacadmb.php?babInstallPath Remote File Inclusion

Ovidentia 5.6.x5.8 - vacadmb.php?babInstallPath Remote File Inclusion source: https://www.securityfocus.com/bid/18232/info Ovidentia is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issue...

0.7AI score

Exploits0

exploitpack•added 2006/06/02 12:0 a.m.•16 views

Ovidentia 5.6.x5.8 - options.php?babInstallPath Remote File Inclusion

Ovidentia 5.6.x5.8 - options.php?babInstallPath Remote File Inclusion source: https://www.securityfocus.com/bid/18232/info Ovidentia is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issue...

0.7AI score

Exploits0

Exploit DB•added 2006/06/02 12:0 a.m.•47 views

Ovidentia 5.6.x/5.8 - 'search.php?babInstallPath' Remote File Inclusion

source: https://www.securityfocus.com/bid/18232/info Ovidentia is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containing malicious PHP code and...

7.4AI score

Exploits0

Prion•added 2006/06/01 10:2 a.m.•10 views

Remote file inclusion

PHP remote file inclusion vulnerability in blenddata/blendcommon.php in Blend Portal 1.2.0, as used with phpBB when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter. NOTE: This is a similar vulnerability to CVE-2006-2507...

5.1CVSS7.7AI score0.09441EPSS

Exploits2References10Affected Software1

Prion•added 2006/06/01 10:2 a.m.•8 views

Remote file inclusion

PHP remote file inclusion vulnerability in p-popupgallery.php in F@cile Interactive Web 0.8.41 through 0.8.5 allows remote attackers to execute arbitrary PHP code via a URL in the l parameter...

7.5CVSS8.1AI score0.09219EPSS

Exploits1References9Affected Software1

NVD•added 2006/06/01 10:2 a.m.•7 views

CVE-2006-2747

Directory traversal vulnerability in index.php in PhpMyDesktop|arcade 1.0 FINAL allows remote attackers to read arbitrary files or execute PHP code via a .. dot dot sequence and trailing null %00 byte in the subsite parameter in a showsubsite todo...

5.1CVSS7.2AI score0.05202EPSS

Exploits1References7

Prion•added 2006/06/01 10:2 a.m.•12 views

Remote file inclusion

PHP remote file inclusion vulnerability in language/langenglish/langactivity.php in Activity MOD Plus Amod 1.1.0, as used with phpBB when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter. NOTE: This is a similar vulnerabili...

5.1CVSS7.7AI score0.1521EPSS

Exploits2References12Affected Software1

Prion•added 2006/06/01 10:2 a.m.•16 views

Directory traversal

5.1CVSS7.7AI score0.05202EPSS

Exploits1References7Affected Software1

Cvelist•added 2006/06/01 10:0 a.m.•14 views

CVE-2006-2747

7.2AI score0.05202EPSS

Exploits1References7

Exploit DB•added 2006/06/01 12:0 a.m.•34 views

SiteBuilder-FX - 'top.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/18756/info SiteBuilder-FX is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing...

7AI score

Exploits0

exploitpack•added 2006/06/01 12:0 a.m.•13 views

SiteBuilder-FX - top.php Remote File Inclusion

SiteBuilder-FX - top.php Remote File Inclusion source: https://www.securityfocus.com/bid/18756/info SiteBuilder-FX is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to...

7.5AI score

Exploits0

Prion•added 2006/05/31 10:6 a.m.•16 views

Remote file inclusion

PHP remote file inclusion vulnerability in 404.php in open-medium.CMS 0.25 allows remote attackers to execute arbitrary PHP code via a URL in the REDSYSMYPATHTEMPLATES parameter...

6.4CVSS8AI score0.05726EPSS

Exploits1References4Affected Software1

Prion•added 2006/05/31 10:6 a.m.•21 views

Remote file inclusion

PHP remote file inclusion vulnerabilities in ActionApps 2.8.1 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALSAAINCPATH parameter in 1 cached.php3, 2 cron.php3, 3 discussion.php3, 4 filldisc.php3, 5 filler.php3, 6 fillform.php3, 7 go.php3, 8 hiercons.php3, 9...

6.4CVSS8.2AI score0.09893EPSS

Exploits1References61Affected Software1

Exploit DB•added 2006/05/31 12:0 a.m.•34 views

osTicket 1.x - 'Open_form.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/18190/info osTicket is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PH...

7AI score

Exploits0

FreeBSD•added 2006/05/31 12:0 a.m.•19 views

dokuwiki -- multiple vulnerabilities

Multiple vulnerabilities have been reported within dokuwiki. dokuwiki is proven vulnerable to: arbitrary PHP code insertion via spellcheck module, XSS attack via "Update your account profile," bypassing of ACL controls when enabled...

3AI score

Exploits0References3

Prion•added 2006/05/30 9:2 p.m.•22 views

Remote file inclusion

PHP remote file inclusion vulnerability in includes/mailaccess/pop3.php in V-Webmail 1.5 through 1.6.4 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIGpeardir parameter...

7.5CVSS7.7AI score0.15153EPSS

Exploits1References6Affected Software1

UbuntuCve•added 2006/05/30 9:2 p.m.•26 views

CVE-2006-2667

Direct static code injection vulnerability in WordPress 2.0.2 and earlier allows remote attackers to execute arbitrary commands by inserting a carriage return and PHP code when updating a profile, which is appended after a special comment sequence into files in 1 wp-content/cache/userlogins/ 2...

7.5CVSS6.3AI score0.32191EPSS

Exploits1References1

OSV•added 2006/05/30 9:2 p.m.•2 views

DEBIAN-CVE-2006-2667

7.5CVSS8.3AI score0.32191EPSS

Exploits1References1

Prion•added 2006/05/30 9:2 p.m.•10 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Docebo LMS 2.05 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to 1 modules/credits/business.php, 2 modules/credits/credits.php, or 3 modules/credits/help.php...

7.5CVSS8.2AI score0.09457EPSS

Exploits0References7Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by