
7194 matches found

NVD
added 2006/09/06 12:4 a.m. | 10 views

CVE-2006-4558

DeluxeBB 1.06 and earlier, when run on the Apache HTTP Server with the mod_mime module, allows remote attackers to execute arbitrary PHP code by uploading files with double extensions via the fileupload parameter in a newthread action in newpost.php...

CVSS 7.5 | AI score 7.6 | EPSS 0.09018
Exploits: 1 | References: 6
NVD
added 2006/09/06 12:4 a.m. | 22 views

CVE-2006-4548

e107 0.75 and earlier does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code via the tinyMCEimglibinclude image/jpeg parameter in...

CVSS 7.5 | AI score 7.2 | EPSS 0.01464
Exploits: 1 | References: 3
NVD
added 2006/09/06 12:4 a.m. | 6 views

CVE-2006-4551

Eval injection vulnerability in CHXO Feedsplitter 2006-01-21 allows remote attackers to execute arbitrary PHP code via (1) the file specified as the value of the format parameter, and possibly (2) the RSS feed...

CVSS 7.5 | AI score 7.9 | EPSS 0.01402
Exploits: 0 | References: 3
Cvelist
added 2006/09/06 12:0 a.m. | 13 views

CVE-2006-4551

Eval injection vulnerability in CHXO Feedsplitter 2006-01-21 allows remote attackers to execute arbitrary PHP code via (1) the file specified as the value of the format parameter, and possibly (2) the RSS feed...

AI score 7.9 | EPSS 0.01402
Exploits: 0 | References: 3
Cvelist
added 2006/09/06 12:0 a.m. | 20 views

CVE-2006-4544

Multiple PHP remote file inclusion vulnerabilities in ExBB 1.9.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the exbbhomepath parameter in files in the modules directory including (1) birstday/birst.php (2) birstday/select.php, (3)...

AI score 7.5 | EPSS 0.0113
Exploits: 1 | References: 5
Cvelist
added 2006/09/06 12:0 a.m. | 12 views

CVE-2006-4557

PHP remote file inclusion vulnerability in plugins/plugins.php in Bob Jewell Discloser 0.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the type parameter. NOTE: another researcher has stated that an attacker cannot control the type parameter. As of 20060901, CVE analysis...

AI score 7.5 | EPSS 0.01402
Exploits: 0 | References: 4
Cvelist
added 2006/09/06 12:0 a.m. | 24 views

CVE-2006-4548

e107 0.75 and earlier does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code via the tinyMCEimglibinclude image/jpeg parameter in...

AI score 7.2 | EPSS 0.01464
Exploits: 1 | References: 3
securityvulns
added 2006/09/06 12:0 a.m. | 63 views

[SA21757] MySource Classic Equation Attribute PHP Code Injection

TITLE: MySource Classic Equation Attribute PHP Code Injection SECUNIA ADVISORY ID: SA21757 VERIFY ADVISORY: http://secunia.com/advisories/21757/ CRITICAL: Moderately critical IMPACT: System access WHERE: From remote SOFTWARE: MySource Classic 2.x http://secunia.com/product/5773/ DESCRIPTION: A...

AI score 1.3
Exploits: 0
Tenable Nessus
added 2006/09/06 12:0 a.m. | 63 views

PmWiki < 2.1.21 Global Variables Overwriting

The version of PmWiki installed on the remote host contains a programming flaw in 'pmwiki.php' that may allow an unauthenticated remote attacker to overwrite global variables used by the application, which could in turn be exploited to execute arbitrary PHP code on the affected host, subject to t...

CVSS 9.3 | AI score 6.2 | EPSS 0.04782
Exploits: 0 | References: 3
CVE
added 2006/09/06 12:0 a.m. | 42 views

CVE-2006-4551

The CVE-2006-4551 entry describes an eval injection vulnerability in Feedsplitter (the feedsplitter.php handling path) that allows remote attackers to execute arbitrary PHP code by specifying a file as the value of the format parameter, and possibly via a malicious RSS feed. The root cause is im...

CVSS 7.5 | AI score 7.9 | EPSS 0.01402
Exploits: 0 | References: 3 | Affected Software: 1
0day.today
added 2006/09/04 12:0 a.m. | 44 views

SoftBB 0.1 (cmd) Remote Command Execution Exploit

Exploit for unknown platform in category web applications. SoftBB 0.1 cmd Remote Command Execution Exploit. !/usr/bin/perl Affected.scr..: SoftBB 0.1 Poc.ID........: 11060904 Type..........: PHP code...

AI score 7.1
Exploits: 0
Exploit DB
added 2006/09/04 12:0 a.m. | 28 views

In-portal In-Link 2.3.4 - 'ADODB_DIR.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/19824/info In-portal In-link is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in...

AI score 7
Exploits: 0
Exploit DB
added 2006/09/04 12:0 a.m. | 31 views

PHP-Proxima 6.0 - 'BB_Smilies.php' Local File Inclusion

source: https://www.securityfocus.com/bid/19840/info PHP-Proxima is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary local files from the vulnerable system in the context of the...

AI score 7.4
Exploits: 0
Exploit DB
added 2006/09/04 12:0 a.m. | 34 views

SoftBB 0.1 - 'cmd' Remote Command Execution

!/usr/bin/perl Affected.scr..: SoftBB 0.1 Poc.ID........: 11060904 Type..........: PHP code execution, SQL Injection, Full Path Disclosure Risk.level....: High Vendor.Status.: Unpatched Src.download..: softbb.be Poc.link......: acid-root.new.fr/poc/11060904.txt Advisory.link.:...

AI score 7.4
Exploits: 0
exploitpack
added 2006/09/04 12:0 a.m. | 14 views

SoftBB 0.1 - cmd Remote Command Execution

SoftBB 0.1 - cmd Remote Command Execution !/usr/bin/perl Affected.scr..: SoftBB 0.1 Poc.ID........: 11060904 Type..........: PHP code execution, SQL Injection, Full Path Disclosure Risk.level....: High Vendor.Status.: Unpatched Src.download..: softbb.be Poc.link......:...

AI score 7.7
Exploits: 0
exploitpack
added 2006/09/04 12:0 a.m. | 17 views

In-portal In-Link 2.3.4 - ADODB_DIR.php Remote File Inclusion

In-portal In-Link 2.3.4 - ADODB_DIR.php Remote File Inclusion. source: https://www.securityfocus.com/bid/19824/info In-portal In-link is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary...

Exploits: 0
seebug.org
added 2006/09/04 12:0 a.m. | 18 views

SoftBB 0.1 (cmd) Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl Affected.scr..: SoftBB 0.1 Poc.ID........: 11060904 Type..........: PHP code execution, SQL Injection, Full Path Disclosure Risk.level....: High Vendor.Status.: Unpatched Src.download..: softbb.be Poc.link......: acid-root.new.fr/poc/11060904.txt...

AI score 7.1
Exploits: 0
Tenable Nessus
added 2006/09/02 12:0 a.m. | 85 views

e107 ibrowser.php zend_has_del() Function Remote Code Execution

The 'e107handlers/tinymce/plugins/ibrowser/ibrowser.php' script included with the version of e107 installed on the remote host contains a programming flaw that may allow an unauthenticated, remote attacker to execute arbitrary PHP code on the affected host, subject to the privileges of the web...

CVSS 9.3 | AI score 8 | EPSS 0.65188
Exploits: 0 | References: 4
NVD
added 2006/09/01 11:4 p.m. | 8 views

CVE-2006-4530

Direct static code injection vulnerability in include/change.php in membrepass 1.5 allows remote attackers to execute arbitrary PHP code via the aifon parameter, which is injected into include/variable.php...

CVSS 7.5 | AI score 7.8 | EPSS 0.012
Exploits: 0 | References: 6
Cvelist
added 2006/09/01 11:0 p.m. | 17 views

CVE-2006-4532

PHP remote file inclusion vulnerability in articles/article.php in Yet Another Community System YACS CMS 6.6.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the contextpathtoroot parameter...

AI score 7.5 | EPSS 0.1092
Exploits: 1 | References: 6