7202 matches found
CVE-2007-5100
Multiple PHP remote file inclusion vulnerabilities in phpBB Plus 1.53, and 1.53a before 20070922, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter to 1 language/langgerman/langadminalbum.php, 2...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in iziContents 1 RC6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the gsLanguage parameter to 1 search/search.php, 2 poll/inlinepoll.php, 3 poll/showpoll.php, 4 links/showlinks.php, or 5 links/submitlinks.php in...
CVE-2007-5053
Multiple incomplete blacklist vulnerabilities in iziContents 1 RC6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in 1 the adminhome parameter to modules/poll/pollsummary.php or 2 the rootdp parameter to include/db.php; or a URL in the languagehome parameter to 3...
Remote file inclusion
PHP remote file inclusion vulnerability in html/modules/extranetprofile/main.php in openEngine 1.9 beta1 allows remote attackers to execute arbitrary PHP code via a URL in the thismodulepath parameter. NOTE: this issue is disputed by CVE because PHP encounters a fatal function-call error on a...
XCMS 1.11.7 - Password Arbitrary PHP Code Execution
XCMS 1.11.7 - Password Arbitrary PHP Code Execution source: https://www.securityfocus.com/bid/25771/info Xcms is prone to a vulnerability that lets attackers execute arbitrary PHP code because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to...
XCMS 1.1/1.7 - 'Password' Arbitrary PHP Code Execution
source: https://www.securityfocus.com/bid/25771/info Xcms is prone to a vulnerability that lets attackers execute arbitrary PHP code because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary malicious PHP code in the context of...
CMS Made Simple 1.2 - Remote Code Execution
CMS Made Simple 1.2 - Remote Code Execution o bug /". . . . .-' -...-'/ o o , . o -...--".\ vuln.: CMS Made Simple 1.1.2 Remote Code Execution Vulnerability author: [email protected] download: http://dev.cmsmadesimple.org/frs/download.php/1424/cmsmadesimple-1.1.2.zip dork: "powered by CMS Made Simpl...
CMS Made Simple 1.2 - Remote Code Execution
o bug /". . . . .-' -...-'/ o o , . o -...--".\ vuln.: CMS Made Simple 1.1.2 Remote Code Execution Vulnerability author: [email protected] download: http://dev.cmsmadesimple.org/frs/download.php/1424/cmsmadesimple-1.1.2.zip dork: "powered by CMS Made Simple version 1.1.2" greetz: cOndemned, kacper,...
CMS Made Simple 1.2 Remote Code Execution Vulnerability
Exploit for unknown platform in category web applications ======================================================= CMS Made Simple 1.2 Remote Code Execution Vulnerability ======================================================= o bug /". . . . .-' -...-'/ o o , . o -...--".\ vuln.: CMS Made Simple...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in pSlash 0.70 allow remote attackers to execute arbitrary PHP code via a URL in 1 the lvcadmindir parameter to modules/visitors2/admin/view-archiver.inc.php or 2 the lvcincludedir parameter to modules/visitors2/include/menus.inc.php. NOTE: the...
Remote file inclusion
PHP remote file inclusion vulnerability in language/langgerman/langmainalbum.php in phpBB Plus 1.53, and 1.53a before 20070922, allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...
CVE-2007-5009
PHP remote file inclusion vulnerability in language/langgerman/langmainalbum.php in phpBB Plus 1.53, and 1.53a before 20070922, allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...
CVE-2007-5014
Multiple PHP remote file inclusion vulnerabilities in pSlash 0.70 allow remote attackers to execute arbitrary PHP code via a URL in 1 the lvcadmindir parameter to modules/visitors2/admin/view-archiver.inc.php or 2 the lvcincludedir parameter to modules/visitors2/include/menus.inc.php. NOTE: the...
CVE-2007-4951
PHP remote file inclusion vulnerability in sample.php in YaPiG 0.95b allows remote attackers to execute arbitrary PHP code via a URL in the YAPIGPATH parameter. NOTE: this issue has been disputed by CVE, since YAPIGPATH is defined before use...
Remote file inclusion
PHP remote file inclusion vulnerability in admin.joom12pic.php in the joom12Pic comjoom12pic 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfiglivesite parameter...
CVE-2007-4954
PHP remote file inclusion vulnerability in admin.joom12pic.php in the joom12Pic comjoom12pic 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfiglivesite parameter...
CVE-2007-4954
CVE-2007-4954 describes a PHP remote file inclusion in the Joomla! 1.0 extension joom12Pic (com_joom12pic), specifically via the mosConfig_live_site parameter in admin.joom12pic.php. The vulnerability allows an attacker to supply a crafted URL and potentially execute arbitrary PHP code on the ser...
CVE-2007-4942
PHP remote file inclusion vulnerability in modules/Discipline/StudentFieldBreakdown.php in Focus/SIS 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the FocusPath parameter, a different vector than CVE-2007-4806. NOTE: the provenance of this information is unknown...
Code injection
Direct static code injection vulnerability in includes/admin/sub/confappearence.php in Shop-Script FREE 2.0 and earlier allows remote attackers to inject arbitrary PHP code into cfg/appearence.inc.php via a saveappearence action in admin.php, as demonstrated with the 1 productscount, 2 colscount,...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in phpFFL 1.24 allow remote attackers to execute arbitrary PHP code via a URL in the PHPFFLFILEROOT parameter to 1 programfiles/livedraft/livedraft.php or 2 programfiles/livedraft/admin.php...