7194 matches found
EZContents 2.0.3 - 'showpoll.php?GLOBALS[admin_home]' Remote File Inclusion
source: https://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code a...
Alstrasoft Template Seller - 'Config[Template_Path]' Multiple Remote File Inclusions
source: https://www.securityfocus.com/bid/19769/info AlstraSoft Template Seller is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing...
EZContents 2.0.3 - showpoll.php?GLOBALS[admin_home] Remote File Inclusion
EZContents 2.0.3 - showpoll.php?GLOBALSadminhome Remote File Inclusion source: https://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these...
EZContents 2.0.3 - 'showlinks.php?GLOBALS[admin_home]' Remote File Inclusion
source: https://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code a...
EZContents 2.0.3 - event_list.php?GLOBALS[admin_home] Remote File Inclusion
EZContents 2.0.3 - eventlist.php?GLOBALSadminhome Remote File Inclusion source: https://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these...
EZContents 2.0.3 - shownews.php?GLOBALS[admin_home] Remote File Inclusion
EZContents 2.0.3 - shownews.php?GLOBALSadminhome Remote File Inclusion source: https://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these...
EZContents 2.0.3 - toprated.php?GLOBALS[language_home] Remote File Inclusion
EZContents 2.0.3 - toprated.php?GLOBALSlanguagehome Remote File Inclusion source: https://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these...
EZContents 2.0 - 'gallery_summary.php?GLOBALS[admin_home]' Remote File Inclusion
source: https://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code a...
EZContents 2.0.3 - 'toprated.php?GLOBALS[language_home]' Remote File Inclusion
source: https://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code a...
EZContents 2.0.3 - 'calendar.php?GLOBALS[language_home]' Remote File Inclusion
source: https://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code a...
EZContents 2.0.3 - 'shownews.php?GLOBALS[admin_home]' Remote File Inclusion
source: https://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code a...
EZContents 2.0.3 - 'showguestbook.php?GLOBALS[admin_home]' Remote File Inclusion
source: https://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code a...
CVE-2006-4425
CVE-2006-4425 affects the phpCOIN 1.2.3 package. Multiple remote file inclusion weaknesses allow an unauthenticated, remote attacker to cause code execution by manipulating the _CCFG[_PKG_PATH_INCL] parameter in seven coin_includes scripts (api.php, common.php, core.php, custom.php, db.php, redir...
CVE-2006-4433
PHP before 4.4.3 and 5.x before 5.1.4 does not limit the character set of the session identifier PHPSESSID for third party session handlers, which might make it easier for remote attackers to exploit other vulnerabilities by inserting PHP code into the PHPSESSID, which is stored in the session...
PT-2006-5230 · Phlymail · Phlymail Lite
Name of the Vulnerable Software and Affected Versions: PHlyMail Lite versions 3.4.4 and earlier Description: A remote file inclusion issue allows attackers to execute arbitrary PHP code via a URL in the PM pathhandler parameter. This is a different attack vector. Note that this issue has been...
PHProjekt <= 5.1 Multiple Remote File Inclusions
The remote host is running PHProjekt, an open source groupware suite written in PHP. The version of PHProjekt installed on the remote host fails to sanitize user-supplied input to the 'pathpre' parameter of the 'lib/specialdays.php' script as well as the 'libpath' parameter of the...
CVE-2006-4418
Directory traversal vulnerability in index.php for Wikepage 2006.2a Opus 10 allows remote attackers to include arbitrary local files via the lng parameter, as demonstrated by inserting PHP code into a log file...
CVE-2006-4418
Directory traversal vulnerability in index.php for Wikepage 2006.2a Opus 10 allows remote attackers to include arbitrary local files via the lng parameter, as demonstrated by inserting PHP code into a log file...
EUVD-2006-4406
Directory traversal vulnerability in index.php for Wikepage 2006.2a Opus 10 allows remote attackers to include arbitrary local files via the lng parameter, as demonstrated by inserting PHP code into a log file...
CVE-2006-4363
PHP remote file inclusion vulnerability in admin.cropcanvas.php in the CropImage component comcropimage 1.0 for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the cropimagedir parameter...