7195 matches found
CVE-2006-4532
PHP remote file inclusion vulnerability in articles/article.php in Yet Another Community System YACS CMS 6.6.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the contextpathtoroot parameter...
Papoo CMS 3.2 - IBrowser Remote File Inclusion
Papoo CMS 3.2 - IBrowser Remote File Inclusion source: https://www.securityfocus.com/bid/19807/info Papoo CMS is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containin...
Papoo CMS 3.2 - IBrowser Remote File Inclusion
source: https://www.securityfocus.com/bid/19807/info Papoo CMS is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the...
YACS 6.6.1 - Multiple Remote File Inclusions
source: https://www.securityfocus.com/bid/19799/info YACS is prone multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execut...
ToendaCMS 0.x1.0.x - Remote File Inclusion
ToendaCMS 0.x1.0.x - Remote File Inclusion source: https://www.securityfocus.com/bid/19806/info ToendaCMS is prone a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing...
YACS 6.6.1 - Multiple Remote File Inclusions
YACS 6.6.1 - Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/19799/info YACS is prone multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote...
ToendaCMS 0.x/1.0.x - Remote File Inclusion
source: https://www.securityfocus.com/bid/19806/info ToendaCMS is prone a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the conte...
CubeCart < 3.0.13 Multiple Remote Vulnerabilities (LFI, SQLi, XSS)
The version of CubeCart installed on the remote host fails to properly sanitize user-supplied input to the 'gateway' parameter before using it in the 'includes/content/gateway.inc.php' script to include PHP code. An unauthenticated, remote attacker may be able to exploit this issue to view...
ExBB 1.9.1 - Home_Path Multiple Remote File Inclusions
ExBB 1.9.1 - HomePath Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/19787/info ExBB is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote...
Pheap CMS <= 1.1 (lpref) Remote File Include Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; / + + - - - DEVIL TEAM THE BEST POLISH TEAM - - + + + - Pheap CMS = 1 lpref Remote File Include Exploit + + + - Script name: Pheap CMS v. 1 - Script site: http://pheap.barekoncept.com/ + + + - Find by: Kacper a.k.a Rahim + -...
ExBB 1.9.1 - 'Home_Path' Multiple Remote File Inclusions
source: https://www.securityfocus.com/bid/19787/info ExBB is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in th...
CubeCart < 3.0.13 Multiple Vulnerabilities
Binary data 3736.prm...
CVE-2006-4451
Direct static code injection vulnerability in CJ Tag Board 3.0 allows remote attackers to execute arbitrary PHP code via the 1 User-Agent HTTP header in tag.php, which is executed by all.php, and 2 the banned parameter in adminindex.php...
CVE-2006-4451
Direct static code injection vulnerability in CJ Tag Board 3.0 allows remote attackers to execute arbitrary PHP code via the 1 User-Agent HTTP header in tag.php, which is executed by all.php, and 2 the banned parameter in adminindex.php...
CVE-2006-4451
CVE-2006-4451 affects CJ Tag Board 3.0, with a direct static code injection flaw allowing remote PHP code execution. The vulnerability arises from two input vectors: (1) the User-Agent HTTP header in tag.php (executed by all.php) and (2) the banned parameter in admin_index.php. This results in ar...
EZContents 2.0.3 - search.php?GLOBALS[language_home] Remote File Inclusion
EZContents 2.0.3 - search.php?GLOBALSlanguagehome Remote File Inclusion source: https://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these...
Alstrasoft Template Seller - Config[Template_Path] Multiple Remote File Inclusions
Alstrasoft Template Seller - ConfigTemplatePath Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/19769/info AlstraSoft Template Seller is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An...
EZContents 2.0.3 - 'event_list.php?GLOBALS[admin_home]' Remote File Inclusion
source: https://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code a...
EZContents 2.0 - gallery_summary.php?GLOBALS[admin_home] Remote File Inclusion
EZContents 2.0 - gallerysummary.php?GLOBALSadminhome Remote File Inclusion source: https://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these...
EZContents 2.0.3 - showguestbook.php?GLOBALS[admin_home] Remote File Inclusion
EZContents 2.0.3 - showguestbook.php?GLOBALSadminhome Remote File Inclusion source: https://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit thes...