CVE-2006-3777

PHP remote file inclusion vulnerability in index.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter...

CVE-2006-3676

PlanetGallery’s admin/gallery_admin.php contains a vulnerability that allows remote code execution via file uploads with a double extension, bypassing a safe-types regex and placing the file in the images directory. The flaw arises because the regex matches names like example.png.php, which PHP t...

CVE-2006-3748

PHP remote file inclusion vulnerability in includes/abbc/abbc.class.php in the LoudMouth Component for Mambo 4.0j, and possibly other versions including 4.1, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

MiniBB 1.5 - 'news.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/19095/info MiniBB is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files containing malicious PHP code and execute it in the context o...

ListMessenger 0.9.3 - LM_Path Remote File Inclusion

ListMessenger 0.9.3 - LMPath Remote File Inclusion source: https://www.securityfocus.com/bid/19014/info ListMessenger is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to...

VisNetic Mail Server 8.3.5 - Multiple File Inclusions

source: https://www.securityfocus.com/bid/19002/info VisNetic Mail Server is prone to multiple local file-include vulnerabilities and a remote file includes vulnerability. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these...

Mambo Module Calendar 1.5.7 - 'Com_Calendar.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/19027/info The Calendar module for Mambo is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file...

ListMessenger 0.9.3 - 'LM_Path' Remote File Inclusion

source: https://www.securityfocus.com/bid/19014/info ListMessenger is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicio...

VisNetic Mail Server 8.3.5 - Multiple File Inclusions

VisNetic Mail Server 8.3.5 - Multiple File Inclusions source: https://www.securityfocus.com/bid/19002/info VisNetic Mail Server is prone to multiple local file-include vulnerabilities and a remote file includes vulnerability. These issues are due to a failure in the application to properly saniti...

Mambo / Joomla! Component / Module 'mosConfig_absolute_path' Multiple Parameter Remote File Include Vulnerabilities

A third-party component for Mambo, Module, or Joomla! is running on the remote host. At least one of these components is a version that is affected by a remote file include vulnerability due to improper sanitization of user-supplied input to the 'mosConfigabsolutepath' parameter before using it t...

[SA21038] CzarNews "tpath" File Inclusion Vulnerability

---------------------------------------------------------------------- Hardcore Disassembler / Reverse Engineer Wanted! Want to work with IDA and BinDiff? Want to write PoC's and Exploits? Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation...

Subberz Lite - UserFunc Remote File Inclusion

Subberz Lite - UserFunc Remote File Inclusion source: https://www.securityfocus.com/bid/18990/info SubberZLite is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containi...

FlatNuke 2.5.7 - index.php Remote File Inclusion

FlatNuke 2.5.7 - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/18966/info FlatNuke is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include...

FlatNuke 2.5.7 - 'index.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/18966/info FlatNuke is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files containing malicious PHP...

SimpleBoard sbp Parameter Remote File Inclusion

Binary data 3684.prm...

Ottoman CMS <= 1.1.3 (default_path) Remote File Inclusion Exploit

Exploit for unknown platform in category web applications ================================================================= Ottoman CMS = 1.1.3 defaultpath Remote File Inclusion Exploit ================================================================= !/usr/bin/perl use IO::Socket; Jacek Wlodarcz...

Mambo Componen phpBB 1.2.4 - Multiple Remote File Inclusions

source: https://www.securityfocus.com/bid/18914/info phpBB for Mambo is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file...

Ottoman CMS &lt;= 1.1.3 (default_path) Remote File Inclusion Exploit

No description provided by source. !/usr/bin/perl use IO::Socket; Jacek Wlodarczyk j4ck - jacekwloatgmaildotcom Title: Ottoman CMS = 1.1.3 Remote File Inclusion Exploit Application: Ottoman Content Management System Version: 1.1.3 and prior Url: http://www.lowter.com/p/ottoman Affected software...

CVE-2006-3387

Directory traversal vulnerability in sources/post.php in Fusion News 1.0, when registerglobals is enabled, allows remote attackers to include arbitrary files via a .. dot dot sequence in the filconfig parameter, which can be used to execute PHP code that has been injected into a log file...

CVE-2006-3362

Unrestricted file upload vulnerability in connectors/php/connector.php in FCKeditor mcpuk file manager, as used in 1 Geeklog 1.4.0 through 1.4.0sr3, 2 toendaCMS 1.0.0 Shizouka Stable and earlier, 3 WeBid 0.5.4, and possibly other products, when installed on Apache with modmime, allows remote...