AngelineCMS loadkernel.php installPath Parameter Remote File Inclusion

The remote host is running AngelineCMS, an open source content management system written in PHP. The version of AngelineCMS installed on the remote host fails to sanitize user-supplied input to the 'installPath' parameter of the '/kernel/loadkernel.php' script before using it in a PHP 'includeonc...

Remote file inclusion

PHP remote file inclusion vulnerability in lib/armygame.php in SQuery 4.5 and earlier, as used in products such as Autonomous LAN party ALP, allows remote attackers to execute arbitrary PHP code via a URL in the libpath parameter. NOTE: this only occurs when registerglobals is disabled...

CVE-2006-1596

PHP remote file inclusion vulnerability in learnPath/include/scormExport.inc.php in Claroline 1.7.4 and earlier allows remote attackers to execute arbitrary PHP code via the includePath parameter...

CVE-2006-1596

PHP remote file inclusion vulnerability in learnPath/include/scormExport.inc.php in Claroline 1.7.4 and earlier allows remote attackers to execute arbitrary PHP code via the includePath parameter...

CVE-2006-1576

Direct static code injection vulnerability in QLnews 1.2 allows remote authenticated administrators to execute arbitrary PHP code by modifying config.php...

Code injection

Direct static code injection vulnerability in QLnews 1.2 allows remote authenticated administrators to execute arbitrary PHP code by modifying config.php...

CVE-2006-1576

Direct static code injection vulnerability in QLnews 1.2 allows remote authenticated administrators to execute arbitrary PHP code by modifying config.php...

Remote file inclusion

PHP remote file inclusion vulnerability in index.php in MediaSlash Gallery allows remote attackers to execute arbitrary PHP code via a URL in the rub parameter part of the $pagemenu variable...

CVE-2006-1563

Direct static code injection vulnerability in config.php in vscripts aka Kuba Kunkiewicz VBook aka VBook 2.0 allows remote administrators to execute arbitrary PHP code into the config file, which is included other VBook scripts...

Code injection

Direct static code injection vulnerability in config.php in vscripts aka Kuba Kunkiewicz VBook aka VBook 2.0 allows remote administrators to execute arbitrary PHP code into the config file, which is included other VBook scripts...

MediaSlash Gallery - index.php Remote File Inclusion

MediaSlash Gallery - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/17323/info MediaSlash Gallery is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this...

MediaSlash Gallery - 'index.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/17323/info MediaSlash Gallery is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing...

PHP Live Helper Multiple Remote File Inclusions

The remote host is running PHP Help Live, a commercial web-based real-time help tool written using PHP and MySQL. The version of PHP Help Live installed on the remote host fails to sanitize input to the 'abspath' parameter before using it in various scripts to include files with PHP code. An...

Mambo Open Source Multiple Vulnerabilities

The remote installation of Mambo Open Source fails to sanitize input to the 'mosusertemplate' cookie before using it to include PHP code from a local file. An unauthenticated attacker may be able to exploit this issue to view arbitrary files or to execute arbitrary PHP code on the affected host. ...

4Images <= 1.7.1 Directory Traversal Vulnerability

The remote web server is running 4Images which is prone to directory traversal attacks. SPDX-FileCopyrightText: 2006 Ferdy Riphagen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

VihorDesign - index.php Remote File Inclusion

VihorDesign - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/17227/info VihorDesign is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include...

VihorDesign - &#039;index.php&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/17227/info VihorDesign is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious...

CVE-2006-1363

images.php in Justin White aka YTZ Free Web Publishing System FreeWPS 2.11 allows remote attackers to execute arbitrary PHP code by uploading a .php file into the /upload directory as specified in the dirPath parameter, then performing a direct request to that file...

Remote file inclusion

PHP remote file include vulnerability in PageController.php in KnowledgebasePublisher 1.2 allows remote attackers to include and execute arbitrary PHP code via a URL in the dir parameter...

CVE-2006-1294

PHP remote file include vulnerability in PageController.php in KnowledgebasePublisher 1.2 allows remote attackers to include and execute arbitrary PHP code via a URL in the dir parameter...