CVE-2006-2878

The spellchecker spellcheck.php in DokuWiki 2006/06/04 and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expression that is processed by pregreplace with the /e executable modifier...

CVE-2006-2878

The spellchecker spellcheck.php in DokuWiki 2006/06/04 and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expression that is processed by pregreplace with the /e executable modifier...

MiraksGalerie 2.62 - 'galimage.lib.php?listconfigfile[0]' Remote File Inclusion

source: https://www.securityfocus.com/bid/18313/info MiraksGalerie is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files...

MiraksGalerie 2.62 - 'galsecurity.lib.php?listconfigfile[0]' Remote File Inclusion

source: https://www.securityfocus.com/bid/18313/info MiraksGalerie is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files...

[SA20475] MiraksGalerie Multiple File Inclusion Vulnerabilities

---------------------------------------------------------------------- Want to join the Secunia Security Team? Secunia offers a position as a security specialist, where your daily work involves reverse engineering of software and exploit code, auditing of source code, and analysis of vulnerabilit...

CVE-2006-2878

CVE-2006-2878 affects DokuWiki (spellcheck.php) where unsanitized PHP code can be injected through the PHP/complex curly syntax in a preg_replace with the /e modifier. A remote unauthenticated attacker could execute arbitrary PHP commands on the webserver running DokuWiki, as described in multipl...

MiraksGalerie 2.62 - galsecurity.lib.php?listconfigfile[0] Remote File Inclusion

MiraksGalerie 2.62 - galsecurity.lib.php?listconfigfile0 Remote File Inclusion source: https://www.securityfocus.com/bid/18313/info MiraksGalerie is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input...

CVE-2006-2878

The spellchecker spellcheck.php in DokuWiki 2006/06/04 and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expression that is processed by pregreplace with the /e executable modifier...

MiraksGalerie 2.62 - galimage.lib.php?listconfigfile[0] Remote File Inclusion

MiraksGalerie 2.62 - galimage.lib.php?listconfigfile0 Remote File Inclusion source: https://www.securityfocus.com/bid/18313/info MiraksGalerie is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. A...

Remote file inclusion

PHP remote file inclusion vulnerability in includes/webdav/server.php in Bytehoard 2.1 Epsilon/Delta allows remote attackers to execute arbitrary PHP code via a URL in the bhconfigbhfilepath parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in config.php in Rumble 1.02 allows remote attackers to execute arbitrary PHP code via a URL in the configArrpathtodir parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in layout/prepend.php in DotClear 1.2.4 and earlier allows remote attackers to execute arbitrary PHP code via a FTP URL in the blogdcpath parameter, which passes fileexists and isdir tests on PHP 5...

CVE-2006-2845

PHP remote file inclusion vulnerability in Redaxo 3.0 up to 3.2 allows remote attackers to execute arbitrary PHP code via a URL in the REXINCLUDEPATH parameter to imageresize/pages/index.inc.php...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.6 allow remote attackers to execute arbitrary PHP code via a URL in the includePath cookie to 1 auth/extauth/drivers/mambo.inc.php or 2 auth/extauth/drivers/postnuke.inc.php...

CVE-2006-2860

CVE-2006-2860 is a PHP remote file inclusion vulnerability in Webspotblogging 3.0.1. An attacker can trigger arbitrary PHP code execution by supplying a URL in the path parameter to one of four files: inc/logincheck.inc.php, inc/adminheader.inc.php, inc/global.php, or inc/mainheader.inc.php. The ...

[Kil13r-SA-20060606] ESTsoft InternetDISK Arbitary Code Execution Vulnerability

Title: Kil13r-SA-20060606 ESTsoft InternetDISK Arbitary Code Execution Vulnerability Author: Kil13r - http://www.kil13r.info/ Local / Remote: Remote Timeline: 2006/04/19 - Discovery 2006/04/19 - Vendor notification 2006/04/20 - Vendor response 2006/04/20 - Vendor patch release 2006/05/10 - Vendor...

PT-2006-3760 · Squirrelmail +1 · Squirrelmail +1

Name of the Vulnerable Software and Affected Versions: SquirrelMail versions 1.4.6 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter, under specific conditions where register globals is enabled and magic quotes gpc is...

Remote file inclusion

PHP remote file inclusion vulnerability in common-menu.php in Cameron McKay Informium 0.12.0 allows remote attackers to execute arbitrary PHP code via a URL in the CONFlocalpath parameter...

CVE-2006-2811

Multiple PHP remote file inclusion vulnerabilities in Cantico Ovidentia 5.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the babInstallPath parameter in 1 index.php, 2 topman.php, 3 approb.php, 4 vacadmb.php, 5 vacadma.php, 6 vacadm.php, 7 statart.php, 8 search.php, 9...

CyBoards PHP Lite 1.211.25 - Common.php Remote File Inclusion

CyBoards PHP Lite 1.211.25 - Common.php Remote File Inclusion source: https://www.securityfocus.com/bid/18272/info CyBoards PHP Lite is prone to a remote file-include vulnerability. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it...