CVE-2007-1957

Multiple PHP remote file inclusion vulnerabilities in Guernion Sylvain Portail Web Php aka Gsylvain35 Portail Web, PwP allow remote attackers to execute arbitrary PHP code via a URL in the pageAll parameter to index.php in 1 template/Vert/, or 2 template/Noir/...

CVE-2006-6568

Directory traversal vulnerability in includes/kbconstants.php in the Knowledge Base mxkb 2.0.2 module for mxBB allows remote attackers to include arbitrary files via a .. dot dot sequence in the phpEx parameter...

CVE-2006-3680

Cross-site scripting XSS vulnerability in photocycle in Photocycle 1.0 allows remote attackers to inject arbitrary web script or HTML via the phpage parameter...

CVE-2004-1863

Multiple cross-site scripting XSS vulnerabilities in XMB aka extreme message board 1.9 beta aka Nexus beta allow remote attackers to inject arbitrary web script or HTML via 1 the u2uheader parameter in editprofile.php, the restrict parameter in 2 member.php, 3 misc.php, and 4 today.php, and 5 an...