7212 matches found

Exploit DB
added 2006/06/02 12:0 a.m. | 20 views

MyBloggie 2.1.x - 'MyBloggie_Root_Path' Remote File Inclusion

source: https://www.securityfocus.com/bid/19449/info MyBloggie is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containing malicious PHP code and execute it in...

7.4 AI score
Exploits: 0
Prion
added 2006/06/01 10:2 a.m. | 11 views

Remote file inclusion

PHP remote file inclusion vulnerability in blenddata/blendcommon.php in Blend Portal 1.2.0, as used with phpBB when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: This is a similar vulnerability to CVE-2006-2507...

5.1 CVSS | 7.7 AI score | 0.04273 EPSS
Exploits: 2 | References: 10 | Affected Software: 1
Prion
added 2006/06/01 10:2 a.m. | 13 views

Remote file inclusion

PHP remote file inclusion vulnerability in language/langenglish/langactivity.php in Activity MOD Plus Amod 1.1.0, as used with phpBB when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: This is a similar vulnerabili...

5.1 CVSS | 7.7 AI score | 0.06887 EPSS
Exploits: 2 | References: 12 | Affected Software: 1
Prion
added 2006/06/01 10:2 a.m. | 17 views

Directory traversal

Directory traversal vulnerability in index.php in PhpMyDesktop|arcade 1.0 FINAL allows remote attackers to read arbitrary files or execute PHP code via a .. (dot dot) sequence and trailing null (%00) byte in the subsite parameter in a showsubsite todo...

5.1 CVSS | 7.7 AI score | 0.02672 EPSS
Exploits: 1 | References: 7 | Affected Software: 1
Prion
added 2006/06/01 10:2 a.m. | 10 views

Remote file inclusion

PHP remote file inclusion vulnerability in p-popupgallery.php in F@cile Interactive Web 0.8.41 through 0.8.5 allows remote attackers to execute arbitrary PHP code via a URL in the l parameter...

7.5 CVSS | 8.1 AI score | 0.09683 EPSS
Exploits: 1 | References: 9 | Affected Software: 1
NVD
added 2006/06/01 10:2 a.m. | 17 views

CVE-2006-2747

Directory traversal vulnerability in index.php in PhpMyDesktop|arcade 1.0 FINAL allows remote attackers to read arbitrary files or execute PHP code via a .. (dot dot) sequence and trailing null (%00) byte in the subsite parameter in a showsubsite todo...

5.1 CVSS | 7.2 AI score | 0.02672 EPSS
Exploits: 1 | References: 7
Cvelist
added 2006/06/01 10:0 a.m. | 25 views

CVE-2006-2747

Directory traversal vulnerability in index.php in PhpMyDesktop|arcade 1.0 FINAL allows remote attackers to read arbitrary files or execute PHP code via a .. (dot dot) sequence and trailing null (%00) byte in the subsite parameter in a showsubsite todo...

7.2 AI score | 0.02672 EPSS
Exploits: 1 | References: 7
exploitpack
added 2006/06/01 12:0 a.m. | 13 views

SiteBuilder-FX - top.php Remote File Inclusion

SiteBuilder-FX - top.php Remote File Inclusion source: https://www.securityfocus.com/bid/18756/info SiteBuilder-FX is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to...

7.5 AI score
Exploits: 0
Exploit DB
added 2006/06/01 12:0 a.m. | 34 views

SiteBuilder-FX - 'top.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/18756/info SiteBuilder-FX is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing...

7 AI score
Exploits: 0
Prion
added 2006/05/31 10:6 a.m. | 17 views

Remote file inclusion

PHP remote file inclusion vulnerability in 404.php in open-medium.CMS 0.25 allows remote attackers to execute arbitrary PHP code via a URL in the REDSYSMYPATHTEMPLATES parameter...

6.4 CVSS | 8 AI score | 0.02247 EPSS
Exploits: 1 | References: 4 | Affected Software: 1
Prion
added 2006/05/31 10:6 a.m. | 21 views

Remote file inclusion

PHP remote file inclusion vulnerabilities in ActionApps 2.8.1 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALSAAINCPATH parameter in (1) cached.php3, (2) cron.php3, (3) discussion.php3, (4) filldisc.php3, (5) filler.php3, (6) fillform.php3, (7) go.php3, (8) hiercons.php3, (9)...

6.4 CVSS | 8.2 AI score | 0.13382 EPSS
Exploits: 1 | References: 61 | Affected Software: 1
Exploit DB
added 2006/05/31 12:0 a.m. | 35 views

osTicket 1.x - 'Open_form.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/18190/info osTicket is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PH...

7 AI score
Exploits: 0
FreeBSD
added 2006/05/31 12:0 a.m. | 19 views

dokuwiki -- multiple vulnerabilities

Multiple vulnerabilities have been reported within dokuwiki. dokuwiki is proven vulnerable to: arbitrary PHP code insertion via spellcheck module, XSS attack via "Update your account profile," bypassing of ACL controls when enabled...

3 AI score
Exploits: 0 | References: 3
Prion
added 2006/05/30 9:2 p.m. | 22 views

Remote file inclusion

PHP remote file inclusion vulnerability in includes/mailaccess/pop3.php in V-Webmail 1.5 through 1.6.4 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIGpeardir parameter...

7.5 CVSS | 7.7 AI score | 0.03498 EPSS
Exploits: 1 | References: 6 | Affected Software: 1
UbuntuCve
added 2006/05/30 9:2 p.m. | 28 views

CVE-2006-2667

Direct static code injection vulnerability in WordPress 2.0.2 and earlier allows remote attackers to execute arbitrary commands by inserting a carriage return and PHP code when updating a profile, which is appended after a special comment sequence into files in (1) wp-content/cache/userlogins/ (2)...

7.5 CVSS | 6.3 AI score | 0.14272 EPSS
Exploits: 1 | References: 1
Prion
added 2006/05/30 9:2 p.m. | 19 views

Code injection

Direct static code injection vulnerability in WordPress 2.0.2 and earlier allows remote attackers to execute arbitrary commands by inserting a carriage return and PHP code when updating a profile, which is appended after a special comment sequence into files in (1) wp-content/cache/userlogins/ (2)...

7.5 CVSS | 8.1 AI score | 0.14272 EPSS
Exploits: 1 | References: 9 | Affected Software: 1
Prion
added 2006/05/30 9:2 p.m. | 12 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Docebo LMS 2.05 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) modules/credits/business.php, (2) modules/credits/credits.php, or (3) modules/credits/help.php...

7.5 CVSS | 8.2 AI score | 0.0384 EPSS
Exploits: 0 | References: 7 | Affected Software: 1
NVD
added 2006/05/30 9:2 p.m. | 33 views

CVE-2006-2667

Direct static code injection vulnerability in WordPress 2.0.2 and earlier allows remote attackers to execute arbitrary commands by inserting a carriage return and PHP code when updating a profile, which is appended after a special comment sequence into files in (1) wp-content/cache/userlogins/ (2)...

7.5 CVSS | 7.9 AI score | 0.14272 EPSS
Exploits: 1 | References: 9
OSV
added 2006/05/30 9:2 p.m. | 5 views

DEBIAN-CVE-2006-2667

Direct static code injection vulnerability in WordPress 2.0.2 and earlier allows remote attackers to execute arbitrary commands by inserting a carriage return and PHP code when updating a profile, which is appended after a special comment sequence into files in (1) wp-content/cache/userlogins/ (2)...

7.5 CVSS | 8.3 AI score | 0.14272 EPSS
Exploits: 1 | References: 1
Debian CVE
added 2006/05/30 9:0 p.m. | 16 views

CVE-2006-2667

Direct static code injection vulnerability in WordPress 2.0.2 and earlier allows remote attackers to execute arbitrary commands by inserting a carriage return and PHP code when updating a profile, which is appended after a special comment sequence into files in (1) wp-content/cache/userlogins/ (2)...

7.5 CVSS | 7.5 AI score | 0.14272 EPSS
Exploits: 1