PHP Simple Shop <= 2.0 (abs_path) Remote File Inclusion Vulnerability

No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV44$2006 ------------------------------------------------------------------------------ ECHOADV44$2006 PHP Simple Shop = 2.0 abspath Remote File Inclusion...

deV!Lz Clanportal [DZCP] <= 1.3.6 Arbitrary File Upload Vulnerability

No description provided by source. S Y N O P S I S / =================' - access: remote severity: high - deV!Lz Clanportal allows nearly arbitrary files to be uploaded and stored on the server's filesystem, which enables anyone, even without a user account, to upload PHP code and execute it,...

PHP Live Helper &lt;= 2.0 (abs_path) Remote File Inclusion Vulnerability

No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV43$2006 ------------------------------------------------------------------------------ ECHOADV43$2006 PHP Live Helper = 2.0 abspath Remote File Inclusion...

CVE-2006-6232

PHP remote file inclusion vulnerability in admin/index.php in DreamAccount 3.1 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter...

CVE-2006-6224

PHP remote file inclusion vulnerability in the installation scripts in Puntal before 1.8.5 allows remote attackers to execute arbitrary PHP code via the GLOBALS array...

CVE-2006-6232

PHP remote file inclusion vulnerability in admin/index.php in DreamAccount 3.1 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter...

[Full-disclosure] deV!L&#96;z Clanportal - Arbitrary File Upload [061124b]

/ -061124b- | deV!Lz Clanportal - Arbitrary File Upload | / S Y N O P S I S / =================' - access: remote severity: high - deV!Lz Clanportal allows nearly arbitrary files to be uploaded and stored on the server's filesystem, which enables anyone, even without a user account, to upload PHP...

deV!Lz Clanportal [DZCP] <= 1.3.6 Arbitrary File Upload Vulnerability

Exploit for unknown platform in category web applications ===================================================================== deV!Lz Clanportal DZCP = 1.3.6 Arbitrary File Upload Vulnerability ===================================================================== S Y N O P S I S /...

Serendipity serendipity_event_bbcode.php Script serendipity[charset] Parameter Local File Inclusion

The 'plugins/serendipityeventbbcode/serendipityeventbbcode.php' script included with the version of Serendipity installed on the remote host fails to sanitize input to the 'serendipitycharset' parameter before using it to include PHP code. Provided PHP's 'registerglobals' setting is enabled, an...

DZCP (deV!L_z Clanportal) 1.3.6 - Arbitrary File Upload

DZCP deV!Lz Clanportal 1.3.6 - Arbitrary File Upload S Y N O P S I S / =================' - access: remote severity: high - deV!Lz Clanportal allows nearly arbitrary files to be uploaded and stored on the server's filesystem, which enables anyone, even without a user account, to upload PHP code a...

kronolith -- arbitrary local file inclusion vulnerability

iDefense Labs reports: Remote exploitation of a design error in Horde's Kronolith could allow an authenticated web mail user to execute arbitrary PHP code under the security context of the running web server. The vulnerability specifically exists due to a design error in the way it includes certa...

kubix 0.7 - Multiple Vulnerabilities

!/usr/bin/php -q -d shortopentag=on \r\n"; echo "Thanks to rgod for the php code and Marty for the Love\r\n\r\n"; if $argc Related: path of the file to include\r\n"; echo " |- Es: php ".$argv0." localhost /kubix/ 1 ../../../../../etc/passwd\r\n\r\n"; echo " 2 - Login Bypass PoC\r\n"; echo " |-...

Kubix <= 0.7 Multiple Remote Vulnerabilities Exploit

Exploit for unknown platform in category web applications ==================================================== Kubix Related: path of the file to include\r\n"; echo " |- Es: php ".$argv0." localhost /kubix/ 1 ../../../../../etc/passwd\r\n\r\n"; echo " 2 - Login Bypass PoC\r\n"; echo " |- Related:...

CVE-2006-6150

PHP remote file inclusion vulnerability in memory/OWLMemoryProperty.php in OWLLib 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the OWLLIBROOT parameter...

CVE-2006-6151

PHP remote file inclusion vulnerability in centre.php in Messagerie Locale as of 20061127 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2006-6137

Multiple PHP remote file inclusion vulnerabilities in Sisfo Kampus 0.8 allow remote attackers to execute arbitrary PHP code via a URL in the 1 exec parameter to index.php or 2 print parameter to print.php, which is also accessible via the print command to index.php...

Echo Security Advisory 2006.61

------------------------------------------------------------------------------ ECHOADV61$2006 a-ConMan = v3.2beta Remote File Inclusion ------------------------------------------------------------------------------ Author : Ahmad Maulana a.k.a Matdhule Date Found : November, 22nd 2006 Location :...

CVE-2006-6093

Multiple PHP remote file inclusion vulnerabilities in adminprint.php in PicturesPro Photo Cart 3.9 allow remote attackers to execute arbitrary PHP code via a URL in the 1 adminfolder and 2 path parameters...

CVE-2006-6086

PHP remote file inclusion vulnerability in src/arkinc.php in e-Ark 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the cfgpearpath parameter...

CVE-2006-6081

PHP remote file inclusion vulnerability in SmartyCompiler.class.php in Telaen 1.1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pluginfile parameter...