CVE-2007-0704

PHP remote file inclusion vulnerability in install.php in Somery 0.4.6 allows remote attackers to execute arbitrary PHP code via a URL in the skindir parameter, a different vector than CVE-2006-4669. NOTE: the documentation says to remove install.php after installation...

CVE-2007-0699

PHP remote file inclusion vulnerability in includes/includes.php in Guernion Sylvain Portail Web Php aka Gsylvain35 Portail Web, PwP before 2.5.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the sitepath parameter...

CVE-2006-6966

CVE-2006-6966 affects phpGraphy before 0.9.13a. The flaw arises when input data includes a numeric parameter whose value matches a hash value of an alphanumeric parameter, allowing a remote attacker to execute arbitrary PHP code by uploading a config.php via the pictures[] parameter to index.php....

CVE-2007-0704

PHP remote file inclusion vulnerability in install.php in Somery 0.4.6 allows remote attackers to execute arbitrary PHP code via a URL in the skindir parameter, a different vector than CVE-2006-4669. NOTE: the documentation says to remove install.php after installation...

EUVD-2007-0680

PHP remote file inclusion vulnerability in includes/functions.php in Omegaboard 1.0beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

CVE-2007-0662

PHP remote file inclusion vulnerability in includes/usercpviewprofile.php in Hailboards 1.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

PhpMyRing <= 4.1.3b (path) Remote File Include Vulnerability

Title : PhpMyRing = 4.1.3b path Remote File Include Vulnerability Author : ajann Contact : : S.Page : http://www.microniko.net/phpmyring/ $$ : Free ERROR .. ... ..... ? include $fichier.".php"; ? .. ... ..... ERROR RFI http://target/path//lang/leslangues.php?fichier=SHELL Example:...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in EncapsCMS 0.3.6 allow remote attackers to execute arbitrary PHP code via a URL in the 1 configpath parameter to a commonfoot.php or b blogs.php, or 2 the configtheme parameter to c admin/galleryhead.php...

CVE-2007-0639

Multiple static code injection vulnerabilities in error.php in GuppY 4.5.16 and earlier allow remote attackers to inject arbitrary PHP code into a .inc file in the data/ directory via 1 a REMOTEADDR cookie or 2 a cookie specifying an element of the msg array with an error number in the first...

CVE-2007-0639

Multiple static code injection vulnerabilities in error.php in GuppY 4.5.16 and earlier allow remote attackers to inject arbitrary PHP code into a .inc file in the data/ directory via 1 a REMOTEADDR cookie or 2 a cookie specifying an element of the msg array with an error number in the first...

Remote file inclusion

PHP remote file inclusion vulnerability in ainsmain.php in Johannes Gijsbers aka Taradino Ad Fundum Integratable News Script AINS 0.02b allows remote attackers to execute arbitrary PHP code via a URL in the ainspath parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in functions.php in EclipseBB 0.5.0 Lite allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

CVE-2007-0570

PHP remote file inclusion vulnerability in ainsmain.php in Johannes Gijsbers aka Taradino Ad Fundum Integratable News Script AINS 0.02b allows remote attackers to execute arbitrary PHP code via a URL in the ainspath parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in modules/mail/main.php in Inter7 vHostAdmin 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the MODULESDIR parameter...

CVE-2007-0551

Multiple PHP remote file inclusion vulnerabilities in cmsimple/cms.php in CMSimple 2.7 allow remote attackers to execute arbitrary PHP code via a URL in the 1 pthfileconfig and 2 pthfileimage parameters...

CVE-2006-6957

PHP remote file inclusion vulnerability in addons/modmedia/body.php in Docebo 3.0.3 and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSwhereframework parameter. NOTE: this issue might be resultant from a global overwrite...

CVE-2007-0508

PHP remote file inclusion vulnerability in lib/selectlang.php in BBClone 0.31 allows remote attackers to execute arbitrary PHP code via a URL in the BBCLANGUAGEPATH parameter...

PT-2007-1990 · Unknown · Advanced Guestbook

Name of the Vulnerable Software and Affected Versions: Advanced Guestbook version 2.4.2 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the include path parameter to API endpoints such as "index.php", "addentry.php", or "picture.php". Recommendations: For...

Remote file inclusion

PHP remote file inclusion vulnerability in index.php in FreeForum 0.9.0 allows remote attackers to execute arbitrary PHP code via a URL in the fpath parameter. NOTE: this issue has been disputed by third party researchers, stating that fpath variable is initialized before being used...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Openads aka phpAdsNew 2.0.7 allow remote attackers to execute arbitrary PHP code via a URL in the 1 phpAdsgeoPlugin parameter to libraries/lib-remotehost.inc, the 2 filename parameter to admin/report-index, or the 3 phpAdsconfigmyfooter...