1132 matches found
EUVD-2006-5267
Multiple PHP remote file inclusion vulnerabilities in SH-News 3.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the scriptpath parameter to 1 report.php, 2 archive.php, 3 comments.php, 4 init.php, or 5 news.php...
EUVD-2006-5226
Multiple PHP remote file inclusion vulnerabilities in OpenDock Easy Gallery 1.4 and earlier, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the docdirectory parameter in 1 file.php; 2 finduser.php, 3 libuser.php, 4 libformuser.php, and 5 user.ph...
PHP 5.1.x < 5.1.4 Multiple Vulnerabilities
Binary data 3509.prm...
EUVD-2006-5205
Multiple PHP remote file inclusion vulnerabilities in WebYep 1.1.9, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via the webyepsIncludePath in 1 files in the programm/lib/ directory including a WYApplication.php, b WYDocument.php, c WYEditor.php, d...
CVE-2006-5021
Multiple PHP remote file inclusion vulnerabilities in redgun RedBLoG 0.5 allow remote attackers to execute arbitrary PHP code via a URL in 1 the root parameter in imgen.php, and the rootpath parameter in 2 admin/config.php, 3 common.php, and 4 admin/index.php. NOTE: the provenance of this...
EUVD-2006-5006
Multiple PHP remote file inclusion vulnerabilities in SolidState 0.4 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the basepath parameter in manager/pages/ scripts including 1 AccountsPage.class.php, 2 AddInvoicePage.class.php, 3 AddIPAddressPage.class.php, 4...
EUVD-2006-4877
Multiple PHP remote file inclusion vulnerabilities in UNAK-CMS 1.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the dirroot parameter to 1 fckeditor/editor/filemanager/browser/default/connectors/php/connector.php or 2 fckeditor/editor/dialog/fcklink.php...
EUVD-2006-4658
Multiple PHP remote file inclusion vulnerabilities in PhotoKorn Gallery 1.52 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the dirpath parameter in 1 includes/cart.inc.php or 2 extras/extcats.php...
e107 <= 0.75 (GLOBALS Overwrite) Remote Code Execution Exploit
Exploit for unknown platform in category web applications ============================================================== e107 = 0.75 GLOBALS Overwrite Remote Code Execution Exploit ============================================================== !/usr/bin/php -q -d shortopentag=on ? printr'...
CVE-2006-4264
Multiple PHP remote file inclusion vulnerabilities in the lmtgmyhomepage Component comlmtgmyhomepage for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter in 1 install.lmtghomepage.php and 2 mtghomepage.php. NOTE: this issue has been...
EUVD-2006-4150
Multiple PHP remote file inclusion vulnerabilities in Tony Bibbs and Vincent Furia MVCnPHP 3.0 allow remote attackers to execute arbitrary PHP code via a URL in the glConfpathlibrary parameter to 1 BaseCommand.php, 2 BaseLoader.php, and 3 BaseView.php...
EUVD-2006-4065
Multiple PHP remote file inclusion vulnerabilities in Fabian Hainz phpCC Beta 4.2 allow remote attackers to execute arbitrary PHP code via a URL in the basedir parameter to 1 login.php, 2 reactivate.php, or 3 register.php...
CVE-2006-4076
CVE-2006-4076 affects Wim Fleischhauer Docpile (docpile:we) 0.2.2. The issue is a set of PHP remote file inclusion vulnerabilities allowing an attacker to trigger remote PHP code execution by supplying a URL via the INIT_PATH parameter to any of: lib/access.inc.php, lib/folders.inc.php, lib/init....
EUVD-2006-3983
Multiple PHP remote file inclusion vulnerabilities in Paul M. Jones Savant2, possibly when used with the commtree component for Mambo and Joomla!, allow remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter in 1 Savant2Pluginstylesheet.php, 2...
EUVD-2006-3765
Multiple PHP remote file inclusion vulnerabilities in component.php in iManage CMS 4.0.12 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter to 1 articles.php, 2 contact.php, 3 displaypage.php, 4 faq.php, 5 mainbody.php, 6 news.php, 7...
EUVD-2006-3685
Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum 1.5a and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter to 1 components/comminibb.php or 2 components/minibb/index.php...
Mandrake Linux Security Advisory : php (MDKSA-2006:122)
Multiple buffer overflows in the gd graphics library libgd 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function. One instance in gdiodp.c does not appear to be corrected in the...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
EUVD-2006-3337
Multiple PHP remote file inclusion vulnerabilities in Pearl For Mambo module 1.6 for Mambo, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via the 1 phpbbrootpath parameter in a includes/functionscms.php and the 2 GlobalSettingstemplatesDirectory parameter i...