CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7195 matches found

0day.today•added 2006/10/09 12:0 a.m.•24 views

WebYep <= 1.1.9 (webyep_sIncludePath) File Include Vulnerabilities

Exploit for unknown platform in category web applications ================================================================== WebYep = 1.1.9 webyepsIncludePath File Include Vulnerabilities ================================================================== ECHOADV48$2006...

7.1AI score

Exploits0

0day.today•added 2006/10/09 12:0 a.m.•16 views

OpenDock Easy Blog <=1.4 (doc_directory) File Include Vulnerabilities

Exploit for unknown platform in category web applications ===================================================================== OpenDock Easy Blog =1.4 docdirectory File Include Vulnerabilities ===================================================================== ECHOADV50$2006...

7.1AI score

Exploits0

securityvulns•added 2006/10/09 12:0 a.m.•70 views

[ECHO_ADV_52$2006]OpenDock Easy Gallery <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability

ECHOADV52$2006 ----------------------------------------------------------------------------------------------- ECHOADV52$2006OpenDock Easy Gallery =1.4 docdirectory Multiple Remote File Inclusion Vulnerability...

0.6AI score

Exploits0

exploitpack•added 2006/10/09 12:0 a.m.•19 views

OpenDock Easy Gallery 1.4 - doc_directory File Inclusion

OpenDock Easy Gallery 1.4 - docdirectory File Inclusion ECHOADV52$2006 ----------------------------------------------------------------------------------------------- ECHOADV52$2006OpenDock Easy Gallery =1.4 docdirectory Multiple Remote File Inclusion Vulnerability...

0.1AI score

Exploits0

seebug.org•added 2006/10/09 12:0 a.m.•19 views

OpenDock Easy Doc <=1.4 (doc_directory) File Include Vulnerabilities

No description provided by source. ECHOADV49$2006 ----------------------------------------------------------------------------------------------- ECHOADV49$2006OpenDock Easy Doc =1.4 docdirectory Multiple Remote File Inclusion Vulnerability...

7.1AI score

Exploits0

securityvulns•added 2006/10/08 12:0 a.m.•67 views

PHP Live! <= 3.1 help.php Remote File Inclusion vulnerability

/ -------------------------------------------------------- Neo Security Team NST - Advisory 25 - 08/10/06 -------------------------------------------------------- Program: PHP Live! Homepage: http://www.phplivesupport.com/ Vulnerable Versions: 3.1 and prior Risk: High! Impact: Critical Risk -==PH...

0.2AI score

Exploits0

Tenable Nessus•added 2006/10/05 12:0 a.m.•34 views

FreeBSD : phpbb -- NULL byte injection vulnerability (86526ba4-53c8-11db-8f1a-000a48049292)

Secunia reports : ShAnKaR has discovered a vulnerability in phpBB, which can be exploited by malicious users to compromise a vulnerable system. Input passed to the 'avatarpath' parameter in admin/adminboard.php is not properly sanitised before being used as a configuration variable to store avata...

4.6CVSS5.8AI score0.02839EPSS

Exploits1References4

Packet Storm•added 2006/10/04 12:0 a.m.•28 views

PixelMotionV2.1.1.txt

!/usr/bin/perl Affected.scr..: Blog Pixel Motion V2.1.1 Poc.ID........: 12060927 Type..........: PHP Code Execution stripslashes, SQL Injection urldecode Risk.level....: High Vendor.Status.: Unpatched Src.download..: www.pixelmotion.org/zip/blog2.1.zip Poc.link......:...

7.4AI score

Exploits0

NVD•added 2006/10/03 4:3 a.m.•10 views

CVE-2006-5115

Directory traversal vulnerability in kgcall.php in KGB 1.87 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the engine parameter, as demonstrated by uploading a file containing PHP code with an image/jpeg content type, and then referencing this file throug...

5.1CVSS7.3AI score0.07151EPSS

Exploits1References5

Positive Technologies•added 2006/10/03 12:0 a.m.•1 views

PT-2006-5892 · Deluxebb · Deluxebb

Name of the Vulnerable Software and Affected Versions: DeluxeBB versions 1.09 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the templatefolder parameter. This can be exploited by providing a malicious URL to the vulnerable parameter,...

7.5CVSS7.7AI score0.10151EPSS

Exploits1References9

Cvelist•added 2006/10/02 8:0 p.m.•20 views

CVE-2006-5137

Multiple direct static code injection vulnerabilities in Groupee UBB.threads 6.5.1.1 allow remote attackers to 1 inject PHP code via a theme array parameter to admin/doedittheme.php, which is injected into includes/theme.inc.php; 2 inject PHP code via a config array parameter to...

7.6AI score0.03174EPSS

Exploits1References4

CVE•added 2006/10/02 8:0 p.m.•38 views

CVE-2006-5115

CVE-2006-5115 describes a directory-traversal in the web app component kgcall.php of KGB 1.87 . An attacker can abuse the engine parameter with a ".." path to trick the app into including and executing arbitrary local files, demonstrated by uploading a PHP-coded image with an image/jpeg content t...

5.1CVSS7.7AI score0.07151EPSS

Exploits1References5Affected Software1

Cvelist•added 2006/10/02 8:0 p.m.•17 views

CVE-2006-5126

PHP remote file inclusion vulnerability in index.php in John Himmelman aka DaRk2k1 PowerPortal 1.3a allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter...

7.5AI score0.04945EPSS

Exploits1References4

exploitpack•added 2006/10/02 12:0 a.m.•11 views

DeluxeBB 1.09 - Sig.php Remote File Inclusion

DeluxeBB 1.09 - Sig.php Remote File Inclusion source: https://www.securityfocus.com/bid/20292/info DeluxeBB is prone to a remote file-include vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files...

7.5AI score

Exploits0

Exploit DB•added 2006/10/02 12:0 a.m.•33 views

DeluxeBB 1.09 - 'Sig.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/20292/info DeluxeBB is prone to a remote file-include vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files containing malicious PHP code and execute it i...

7.4AI score

Exploits0

NVD•added 2006/09/29 9:7 p.m.•9 views

CVE-2006-5093

PHP remote file inclusion vulnerability in index.php in Tagmin Control Center in TagIt! Tagboard 2.1.B Build 2 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter...

7.5CVSS7.5AI score0.12568EPSS

Exploits1References7

Cvelist•added 2006/09/29 9:0 p.m.•10 views

CVE-2006-5095

PHP remote file inclusion vulnerability in index.php in MyPhotos 0.1.3b beta allows remote attackers to execute arbitrary PHP code via the includesdir parameter. NOTE: this issue is disputed by CVE on 20060927, since the includesdir is defined before being used when the product is installed...

7.5AI score0.01402EPSS

Exploits0References4

NVD•added 2006/09/29 12:7 a.m.•7 views

CVE-2006-5077

PHP remote file inclusion vulnerability in admin/admintopicactionlogging.php in Chris Smith Minerva Build 238 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

5.1CVSS7.6AI score0.05694EPSS

Exploits1References5

Cvelist•added 2006/09/29 12:0 a.m.•15 views

CVE-2006-5085

Static code injection vulnerability in config.php in Blog Pixel Motion 2.1.1 allows remote attackers to execute arbitrary PHP code via the nomblog parameter, which is injected into include/variables.php...

7.8AI score0.05495EPSS

Exploits2References6

0day.today•added 2006/09/29 12:0 a.m.•22 views

VideoDB <= 2.2.1 (pdf.php) Remote File Include Exploit

Exploit for unknown platform in category web applications ====================================================== VideoDB = 2.2.1 pdf.php Remote File Include Exploit ====================================================== ?php / ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by