PT-2025-50764

Name of the Vulnerable Software and Affected Versions xbtitFM version 4.1.18 Description The software contains an insecure file upload issue. Authenticated attackers with administrative privileges can upload and execute arbitrary PHP code through the file hosting feature. File type restrictions c...

EUVD-2006-5821

Malware in sbrugna...

EUVD-2015-4141

Malware in sbrugna...

CVE-2025-30091

In Tiny MoxieManager PHP before 4.0.0, remote code execution can occur in the installer command. This vulnerability allows unauthenticated attackers to inject and execute arbitrary code. Attacker-controlled data to InstallCommand can be inserted into config.php, and InstallCommand is available...

CVE-2015-3173

The CVE-2015-3173 entry concerns the WordPress plugin “custom-content-type-manager.” Multiple connected sources document that a site administrator can trigger arbitrary PHP remote code execution through this plugin, indicating a vulnerability in the plugin code that allows PHP execution with admi...

Custom Content Type Manager <= 0.9.8.5 - Remote Code Execution

CCTM plugin can be used by an administrator to achieve arbitrary PHP remote code execution...

MySQLDumper 1.24.4 - &#039;menu.php&#039; PHP Remote Code Execution

source: https://www.securityfocus.com/bid/53310/info MySQLDumper is prone to a vulnerability that lets remote attackers execute arbitrary code because the application fails to sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary PHP code within the context of the...

Invision Power Board 3.3.0 Local File Inclusion

Exploit for php platform in category web applications Author: Janek Vind "waraxe" Date: 12. April 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-86.html CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2226 Description of vulnerable software: Invision Power Board...

40 vulnerabilities in SMF 1.1.10/SMF 2.0RC2 by elhacker.net &#40;Simple Audit&#41;

This is the first batch of vulnerabilities found by the SimpleAudit team from elhacker.net http://labs.elhacker.net/simpleaudit Our goal is to evaluate the security of SMF 2.0 before using it on our own server, and we have found several security vulnerabilities. The vulnerabilities that also appl...

CVE-2007-1483

Multiple PHP remote file inclusion vulnerabilities in WebCalendar 0.9.45 allow remote attackers to execute arbitrary PHP code via a URL in the includedir parameter to 1 login.php, 2 getreminders.php, or 3 getevents.php...

CVE-2007-0762

PHP remote file inclusion vulnerability in includes/functions.php in phpBB++ Build 100 allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

CVE-2006-4425

Multiple PHP remote file inclusion vulnerabilities in phpCOIN 1.2.3 allow remote attackers to execute arbitrary PHP code via the CCFGPKGPATHINCL parameter in coinincludes scripts including 1 api.php, 2 common.php, 3 core.php, 4 custom.php, 5 db.php, 6 redirect.php or 7 sessionset.php. NOTE: the...