CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7189 matches found

Exploit DB•added 2006/06/14 12:0 a.m.•27 views

RahnemaCo - 'page.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/18435/info RahnemaCo is prone to a remote file-include vulnerability. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker ...

7.4AI score

Exploits0

exploitpack•added 2006/06/14 12:0 a.m.•10 views

phpBB - BBRSS.php Remote File Inclusion

phpBB - BBRSS.php Remote File Inclusion source: https://www.securityfocus.com/bid/18432/info The bbrss plugin for PhpBB is prone to a remote file-include vulnerability. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the conte...

0.4AI score

Exploits0

Gentoo Linux•added 2006/06/14 12:0 a.m.•159 views

DokuWiki: PHP code injection

Background DokuWiki is a simple to use wiki targeted at developer teams, workgroups and small companies. Description Stefan Esser discovered that the DokuWiki spell checker fails to properly sanitize PHP's "complex curly syntax". Impact A unauthenticated remote attacker may execute arbitrary PHP...

7.5CVSS7.4AI score0.04385EPSS

Exploits1

NVD•added 2006/06/13 1:2 a.m.•15 views

CVE-2006-2908

The domecode function in inc/functionspost.php in MyBulletinBoard MyBB 1.1.2, and possibly other versions, allows remote attackers to execute arbitrary PHP code via the username field, which is used in a pregreplace function call with a /e executable modifier...

7.5CVSS7.6AI score0.1141EPSS

Exploits1References11

Cvelist•added 2006/06/13 1:0 a.m.•17 views

CVE-2006-2908

7.6AI score0.1141EPSS

Exploits1References11

exploitpack•added 2006/06/13 12:0 a.m.•10 views

DoubleSpeak 0.1 - Multiple Remote File Inclusions

DoubleSpeak 0.1 - Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/18401/info DoubleSpeak is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these...

0.1AI score

Exploits0

exploitpack•added 2006/06/13 12:0 a.m.•7 views

Simpnews 2.x - Wap_short_news.php Remote File Inclusion

Simpnews 2.x - Wapshortnews.php Remote File Inclusion source: https://www.securityfocus.com/bid/18410/info Simpnews is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to...

0.1AI score

Exploits0

Exploit DB•added 2006/06/13 12:0 a.m.•21 views

Simpnews 2.x - 'Wap_short_news.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/18410/info Simpnews is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PH...

7.4AI score

Exploits0

Exploit DB•added 2006/06/13 12:0 a.m.•24 views

DoubleSpeak 0.1 - Multiple Remote File Inclusions

source: https://www.securityfocus.com/bid/18401/info DoubleSpeak is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containi...

7AI score

Exploits0

exploitpack•added 2006/06/12 12:0 a.m.•12 views

Foing 0.x - Remote File Inclusion

Foing 0.x - Remote File Inclusion source: https://www.securityfocus.com/bid/18392/info Foing is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remo...

7.5AI score

Exploits0

Exploit DB•added 2006/06/12 12:0 a.m.•28 views

Adaptive Website Framework 1.11 - Remote File Inclusion

source: https://www.securityfocus.com/bid/18386/info Adaptive Website Framework is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files...

7.4AI score

Exploits0

Exploit DB•added 2006/06/12 12:0 a.m.•30 views

Foing 0.x - Remote File Inclusion

source: https://www.securityfocus.com/bid/18392/info Foing is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP...

7AI score

Exploits0

exploitpack•added 2006/06/12 12:0 a.m.•12 views

Adaptive Website Framework 1.11 - Remote File Inclusion

Adaptive Website Framework 1.11 - Remote File Inclusion source: https://www.securityfocus.com/bid/18386/info Adaptive Website Framework is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can...

0.4AI score

Exploits0

Exploit DB•added 2006/06/11 12:0 a.m.•60 views

RCblog 1.03 - 'POST' Remote Command Execution

!/usr/bin/perl $App : RCblog "; $socket = IO::Socket::INET-newProto="tcp", PeerAddr="$server", PeerPort="http80" || die "- Cannot not connect to host !\n"; print $socket "GET ".$path.$pcode." HTTP/1.1\r\n"; print $socket "User-Agent: ".$pcode."\r\n"; print $socket "Host: ".$server."\r\n"; print...

7.4AI score

Exploits0

exploitpack•added 2006/06/11 12:0 a.m.•11 views

RCblog 1.03 - POST Remote Command Execution

RCblog 1.03 - POST Remote Command Execution !/usr/bin/perl $App : RCblog "; $socket = IO::Socket::INET-newProto="tcp", PeerAddr="$server", PeerPort="http80" || die "- Cannot not connect to host !\n"; print $socket "GET ".$path.$pcode." HTTP/1.1\r\n"; print $socket "User-Agent: ".$pcode."\r\n";...

0.1AI score

Exploits0

seebug.org•added 2006/06/11 12:0 a.m.•9 views

RCblog <= 1.03 (post) Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl $App : RCblog = 1.03 Remote Command Execution Exploit $Bug : http://tinyphp/index.php?post=../afile%00 $IHST: h4ckerz.com / hackerz.ir / coded & discovered By Hessam-x Hessamx -at- Hessamx.net use IO::Socket; use LWP::Simple; print...

7.1AI score

Exploits0

NVD•added 2006/06/09 10:2 a.m.•7 views

CVE-2006-2928

Multiple PHP remote file inclusion vulnerabilities in CMS-Bandits 2.5 and earlier, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter in 1 dialogs/img.php and 2 dialogs/td.php...

5.1CVSS7.6AI score0.03012EPSS

Exploits0References7

NVD•added 2006/06/09 10:2 a.m.•6 views

CVE-2006-2929

PHP remote file inclusion vulnerability in contrib/forms/evaluation/CFormEvaluation.class.php in OpenEMR 2.8.1 and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSfileroot parameter...

6.8CVSS7.5AI score0.03094EPSS

Exploits0References4

Cvelist•added 2006/06/07 10:0 a.m.•13 views

CVE-2006-2888

PHP remote file inclusion vulnerability in wk/wklang.php in Wikiwig 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the WKwkPath parameter...

7.6AI score0.06242EPSS

Exploits1References5

canvas•added 2006/06/07 12:2 a.m.•2485 views

Immunity Canvas: DOKUWIKI_EXEC

Name| dokuwikiexec ---|--- CVE| CVE-2006-2878 Exploit Pack| CANVAS Description| DokuWiki Spell Checker Embedded Link Arbitrary PHP Code Execution Notes| CVE Name: CVE-2006-2878 VENDOR: DokuWiki Repeatability: Infinite References: 'http://www.hardened-php.net/advisory042006.119.html' CVSS: 7.5 DOR...

7.5CVSS2.5AI score0.04385EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by