CVE-2006-6065

PHP remote file inclusion vulnerability in includes/mxcommon.php in the CalSnails Module for MxBB Portal 1.06 allows remote attackers to execute arbitrary PHP code via a URL in the modulerootpath parameter...

CVE-2006-6043

PHP file inclusion vulnerability in loginform-inc.php in Oliver formerly Webshare 1.2.2 and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a UNC share pathname or a local file pathname in the confmotdfile parameter, which is accessed by the...

CVE-2006-6042

PHP remote file inclusion vulnerability in core/editor.php in phpWebThings 1.5.2 and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the editorinsertbottom parameter...

CVE-2006-6049

PHP remote file inclusion vulnerability in shambo2.php in the Shambo2 comshambo2 component for Mambo 4.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

a-ConMan 3.2b - common.inc.php Remote File Inclusion

a-ConMan 3.2b - common.inc.php Remote File Inclusion \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV61$2006 ------------------------------------------------------------------------------ ECHOADV61$2006 a-ConMan = v3.2beta Remote File Inclusion...

a-ConMan <= 3.2b (common.inc.php) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ===================================================================== a-ConMan = 3.2b common.inc.php Remote File Inclusion Vulnerability ===================================================================== \ /\ \ / | \ \ | / \ // / | \ |...

CVE-2006-6033

Multiple directory traversal vulnerabilities in Simple PHP Blog SPHPBlog, probably 0.4.8, allow remote attackers to read arbitrary files and possibly include arbitrary PHP code via a .. dot dot sequence in the blogtheme parameter in 1 index.php, 2 addcgi.php, 3 addlink.php, 4 login.php, 5...

WORK System E-Commerce g_include参数远程文件包含漏洞

WORK System E-Commerce是一款动态内容和站点管理系统。 WORK System E-Commerce在处理用户请求时存在输入验证漏洞，远程攻击者可能利用此漏洞在服务器上以Web进程权限执行任意指令。 WORK System E-Commerce的index.php和module/forum/forum.php脚本没有正确验证ginclude参数的输入，允许攻击者通过包含本地或外部资源文件执行任意PHP代码。漏洞相关的代码如下： include $ginclude."file.inc"; Laurent Van den Reysen WORK system...

Boonex 2.0 Dolphin - &#039;index.php&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/21182/info Dolphin is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to have malicious PHP code execute in the context of the webserver process. This may allow the...

CVE-2006-5929

PHP remote file inclusion vulnerability in firepjs.php in Phpjobscheduler 3.0 allows remote attackers to execute arbitrary PHP code via a URL in the installedconfigfile parameter. NOTE: the provenance of this information is unknown; details are obtained from third party sources...

CVE-2006-5928

Multiple PHP remote file inclusion vulnerabilities in Phpjobscheduler 3.0 allow remote attackers to execute arbitrary PHP code via a URL in the installedconfigfile parameter to 1 add-modify.php, 2 delete.php, 3 modify.php, and 4 phpjobscheduler.php...

CVE-2006-5899

The CVE-2006-5899 issue is a PHP remote file inclusion in @cid stats 2.3 via the repertoire parameter of install.php3, enabling remote code execution. The root cause is the presence of install.php3 that can be invoked with a URL parameter to include arbitrary PHP code. The notes in sources indica...

CVE-2006-5910

Multiple PHP remote file inclusion vulnerabilities in Campware Campsite before 20061110 allow remote attackers to execute arbitrary PHP code via a URL in the gdocumentRoot parameter to 1 bugreporter/thankyou.php and 2 feedback/thankyou.php in implementation/management/priv/...

minibb2-rfi.txt

Title : MiniBB Forum = 2 Remote File Include index.php Discovered By :::: ThE-LoRd-Of-CrAcKiNg MeHdi ------------------------------------------------------------------------ Sorce Code: http://www.minibb.net/download.php?file=minibb20 ----- Affected software description : Application : MiniBB For...

Update Protection against phpFullAnnu 'repmod' parameter File Inclusion Vulnerability

phpFullAnnu, a content management system portal application, is prone to a remote file inclusion vulnerability. An attacker can exploit this vulnerability to execute arbitrary PHP code on an affected system via a maliciously crafted URL in the 'repmod' parameter...

CVE-2006-5845

Unrestricted file upload vulnerability in index.php in Speedywiki 2.0 allows remote authenticated users to upload and execute arbitrary PHP code by setting the upload parameter to 1...

CVE-2006-5837

Static code injection vulnerability in chatpanel.php in the SimpleChat 1.0.0 module for iWare Professional CMS allows remote attackers to inject arbitrary PHP code into chatlog.php via the msg parameter...

CVE-2006-5837

Static code injection vulnerability in chatpanel.php in the SimpleChat 1.0.0 module for iWare Professional CMS allows remote attackers to inject arbitrary PHP code into chatlog.php via the msg parameter...

CVE-2006-5811

PHP remote file inclusion vulnerability in library/translation.inc.php in OpenEMR 2.8.1, with registerglobals enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSsrcdir parameter...

CVE-2006-5811

PHP remote file inclusion vulnerability in library/translation.inc.php in OpenEMR 2.8.1, with registerglobals enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSsrcdir parameter...