PHP Event Calendar versi 1.4 (path_to_calendar) Remote File Inclusion

SolpotCrew Community PHP Event Calendar versi 1.4 pathtocalendar Remote File Inclusion Vendor site : http://www.softcomplex.com/products/phpeventcalendar/ Bug Found By :Solpot a.k.a k. Hasibuan 13th july 2006 contact: [email protected] Website : http://www.solpotcrew.org/adv/solpot-adv-01.t...

CVE-2006-3676

PlanetGallery’s admin/gallery_admin.php contains a vulnerability that allows remote code execution via file uploads with a double extension, bypassing a safe-types regex and placing the file in the images directory. The flaw arises because the regex matches names like example.png.php, which PHP t...

CVE-2006-3777

PHP remote file inclusion vulnerability in index.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter...

CVE-2006-3774

PHP remote file inclusion vulnerability in performs.php in the perForms component comperforms 1.0 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

CVE-2006-3683

PHP remote file inclusion vulnerability in poll.php in Flipper Poll 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter...

CVE-2006-3748

PHP remote file inclusion vulnerability in includes/abbc/abbc.class.php in the LoudMouth Component for Mambo 4.0j, and possibly other versions including 4.1, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

IDevSpot PHPLinkExchange 1.0 - index.php Remote File Inclusion

IDevSpot PHPLinkExchange 1.0 - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/19083/info PHPLinkExchange is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary...

MiniBB 1.5 - 'news.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/19095/info MiniBB is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files containing malicious PHP code and execute it in the context o...

iManage CMS 4.0.12 - 'absolute_path' Remote File Inclusion

\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV40$2006 --------------------------------------------------------------------------------------------------- ECHOADV40$2006 iManage CMS = 4.0.12 absolutepath Remote File Inclusion...

MiniBB 1.5 - news.php Remote File Inclusion

MiniBB 1.5 - news.php Remote File Inclusion source: https://www.securityfocus.com/bid/19095/info MiniBB is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files containing...

iManage CMS <= 4.0.12 (absolute_path) Remote File Inclusion

Exploit for unknown platform in category web applications =========================================================== iManage CMS = 4.0.12 absolutepath Remote File Inclusion =========================================================== \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ /...

IDevSpot PHPHostBot 1.0 - &#039;index.php&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/19084/info PHPHostBot is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the...

PT-2006-4558 · Enduser · Listmessenger

Name of the Vulnerable Software and Affected Versions: ListMessenger version 0.9.3 Description: A remote file inclusion issue in enduser/listmessenger.php allows remote attackers to execute arbitrary PHP code via a URL in the lm path parameter. However, the vendor has disputed this issue, stating...

VisNetic Mail Server 8.3.5 - Multiple File Inclusions

VisNetic Mail Server 8.3.5 - Multiple File Inclusions source: https://www.securityfocus.com/bid/19002/info VisNetic Mail Server is prone to multiple local file-include vulnerabilities and a remote file includes vulnerability. These issues are due to a failure in the application to properly saniti...

Mambo Module Calendar 1.5.7 - &#039;Com_Calendar.php&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/19027/info The Calendar module for Mambo is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file...

VisNetic Mail Server 8.3.5 - Multiple File Inclusions

source: https://www.securityfocus.com/bid/19002/info VisNetic Mail Server is prone to multiple local file-include vulnerabilities and a remote file includes vulnerability. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these...

ListMessenger 0.9.3 - &#039;LM_Path&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/19014/info ListMessenger is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicio...

ListMessenger 0.9.3 - LM_Path Remote File Inclusion

ListMessenger 0.9.3 - LMPath Remote File Inclusion source: https://www.securityfocus.com/bid/19014/info ListMessenger is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to...

Mambo Module Calendar 1.5.7 - Com_Calendar.php Remote File Inclusion

Mambo Module Calendar 1.5.7 - ComCalendar.php Remote File Inclusion source: https://www.securityfocus.com/bid/19027/info The Calendar module for Mambo is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An...

Mambo / Joomla! Component / Module 'mosConfig_absolute_path' Multiple Parameter Remote File Include Vulnerabilities

A third-party component for Mambo, Module, or Joomla! is running on the remote host. At least one of these components is a version that is affected by a remote file include vulnerability due to improper sanitization of user-supplied input to the 'mosConfigabsolutepath' parameter before using it t...