CVE-2006-2929

PHP remote file inclusion vulnerability in contrib/forms/evaluation/CFormEvaluation.class.php in OpenEMR 2.8.1 and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSfileroot parameter...

CVE-2006-2928

Multiple PHP remote file inclusion vulnerabilities in CMS-Bandits 2.5 and earlier, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter in 1 dialogs/img.php and 2 dialogs/td.php...

CVE-2006-2888

PHP remote file inclusion vulnerability in wk/wklang.php in Wikiwig 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the WKwkPath parameter...

Immunity Canvas: DOKUWIKI_EXEC

Name| dokuwikiexec ---|--- CVE| CVE-2006-2878 Exploit Pack| CANVAS Description| DokuWiki Spell Checker Embedded Link Arbitrary PHP Code Execution Notes| CVE Name: CVE-2006-2878 VENDOR: DokuWiki Repeatability: Infinite References: 'http://www.hardened-php.net/advisory042006.119.html' CVSS: 7.5 DOR...

CVE-2006-2878

The spellchecker spellcheck.php in DokuWiki 2006/06/04 and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expression that is processed by pregreplace with the /e executable modifier...

CVE-2006-2878

The spellchecker spellcheck.php in DokuWiki 2006/06/04 and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expression that is processed by pregreplace with the /e executable modifier...

CVE-2006-2878

CVE-2006-2878 affects DokuWiki (spellcheck.php) where unsanitized PHP code can be injected through the PHP/complex curly syntax in a preg_replace with the /e modifier. A remote unauthenticated attacker could execute arbitrary PHP commands on the webserver running DokuWiki, as described in multipl...

MiraksGalerie 2.62 - galsecurity.lib.php?listconfigfile[0] Remote File Inclusion

MiraksGalerie 2.62 - galsecurity.lib.php?listconfigfile0 Remote File Inclusion source: https://www.securityfocus.com/bid/18313/info MiraksGalerie is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input...

MiraksGalerie 2.62 - galimage.lib.php?listconfigfile[0] Remote File Inclusion

MiraksGalerie 2.62 - galimage.lib.php?listconfigfile0 Remote File Inclusion source: https://www.securityfocus.com/bid/18313/info MiraksGalerie is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. A...

[SA20475] MiraksGalerie Multiple File Inclusion Vulnerabilities

---------------------------------------------------------------------- Want to join the Secunia Security Team? Secunia offers a position as a security specialist, where your daily work involves reverse engineering of software and exploit code, auditing of source code, and analysis of vulnerabilit...

MiraksGalerie 2.62 - 'galimage.lib.php?listconfigfile[0]' Remote File Inclusion

source: https://www.securityfocus.com/bid/18313/info MiraksGalerie is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files...

MiraksGalerie 2.62 - 'galsecurity.lib.php?listconfigfile[0]' Remote File Inclusion

source: https://www.securityfocus.com/bid/18313/info MiraksGalerie is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files...

CVE-2006-2878

The spellchecker spellcheck.php in DokuWiki 2006/06/04 and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expression that is processed by pregreplace with the /e executable modifier...

Remote file inclusion

PHP remote file inclusion vulnerability in layout/prepend.php in DotClear 1.2.4 and earlier allows remote attackers to execute arbitrary PHP code via a FTP URL in the blogdcpath parameter, which passes fileexists and isdir tests on PHP 5...

Remote file inclusion

PHP remote file inclusion vulnerability in includes/webdav/server.php in Bytehoard 2.1 Epsilon/Delta allows remote attackers to execute arbitrary PHP code via a URL in the bhconfigbhfilepath parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in config.php in Rumble 1.02 allows remote attackers to execute arbitrary PHP code via a URL in the configArrpathtodir parameter...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.6 allow remote attackers to execute arbitrary PHP code via a URL in the includePath cookie to 1 auth/extauth/drivers/mambo.inc.php or 2 auth/extauth/drivers/postnuke.inc.php...

CVE-2006-2845

PHP remote file inclusion vulnerability in Redaxo 3.0 up to 3.2 allows remote attackers to execute arbitrary PHP code via a URL in the REXINCLUDEPATH parameter to imageresize/pages/index.inc.php...

CVE-2006-2860

CVE-2006-2860 is a PHP remote file inclusion vulnerability in Webspotblogging 3.0.1. An attacker can trigger arbitrary PHP code execution by supplying a URL in the path parameter to one of four files: inc/logincheck.inc.php, inc/adminheader.inc.php, inc/global.php, or inc/mainheader.inc.php. The ...

PT-2006-3760 · Squirrelmail +1 · Squirrelmail +1

Name of the Vulnerable Software and Affected Versions: SquirrelMail versions 1.4.6 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter, under specific conditions where register globals is enabled and magic quotes gpc is...