CVE-2005-2179

PHP remote file inclusion vulnerability in BlogModel.php in Jaws 0.5.2 and earlier allows remote attackers to execute arbitrary PHP code via the path parameter...

phpGroupWare, eGroupWare: PHP script injection vulnerability

Background phpGroupWare and eGroupWare are web based collaboration software suites. Description The XML-RPC implementations of phpGroupWare and eGroupWare fail to sanitize input sent to the XML-RPC server using the "POST" method. Impact A remote attacker could exploit the XML-RPC vulnerability to...

GLSA-200507-06 : TikiWiki: Arbitrary command execution through XML-RPC

The remote host is affected by the vulnerability described in GLSA-200507-06 TikiWiki: Arbitrary command execution through XML-RPC TikiWiki is vulnerable to arbitrary command execution as described in GLSA 200507-01. Impact : A remote attacker could exploit this vulnerability to execute arbitrary...

Drupal Public Comment PHP Code Injection

Binary data 3053.prm...

CVE-2005-2162

PHP remote file inclusion vulnerability in form.inc.php3 in MyGuestbook 0.6.1 allows remote attackers to execute arbitrary PHP code via the lang parameter...

TikiWiki: Arbitrary command execution through XML-RPC

Background TikiWiki is a web-based groupware and content management system CMS, using PHP, ADOdb and Smarty. TikiWiki includes vulnerable PHP XML-RPC code. Description TikiWiki is vulnerable to arbitrary command execution as described in GLSA 200507-01. Impact A remote attacker could exploit this...

CVE-2005-1921

Eval injection vulnerability in PEAR XMLRPC 1.3.0 and earlier aka XML-RPC or xmlrpc and PHPXMLRPC aka XML-RPC For PHP or php-xmlrpc 1.1 and earlier, as used in products such as 1 WordPress, 2 Serendipity, 3 Drupal, 4 egroupware, 5 MailWatch, 6 TikiWiki, 7 phpWebSite, 8 Ampache, and others, allows...

CVE-2005-2106

Unknown vulnerability in Drupal 4.5.0 through 4.5.3, 4.6.0, and 4.6.1 allows remote attackers to execute arbitrary PHP code via a public comment or posting...

CVE-2005-2139

PHP remote file inclusion vulnerability in usercheck.php for Pavsta Auto Site allows remote attackers to execute arbitrary PHP code via the sitepath parameter...

CVE-2005-2106

Unknown vulnerability in Drupal 4.5.0 through 4.5.3, 4.6.0, and 4.6.1 allows remote attackers to execute arbitrary PHP code via a public comment or posting...

osTicket < 1.3.1 Multiple Vulnerabilities

Binary data 3046.prm...

osTicket <= 1.3.1 Multiple Vulnerabilities

The version of osTicket installed on the remote host suffers from several vulnerabilities, including: - A Local File Include Vulnerability The application fails to sanitize user-supplied input to the 'inc' parameter in the 'view.php' script. An attacker may be able to exploit this flaw to run...

DSA-840-1 drupal - missing input sanitising

Bulletin has no description...

CVE-2005-2106

Drupal 4.5.0–4.6.1 contains a vulnerability that allows remote attackers to execute arbitrary PHP code via public comments or postings. Debian’s DSA-745-1 fixes this in 4.5.3-3; upgrade recommended to remediate.

CVE-2005-2106

Unknown vulnerability in Drupal 4.5.0 through 4.5.3, 4.6.0, and 4.6.1 allows remote attackers to execute arbitrary PHP code via a public comment or posting...

CVE-2005-1921

CVE-2005-1921 is a remote PHP code execution vulnerability in PEAR XML_RPC (&lt;=1.3.0) and PHPXMLRPC (

[SA15862] Serendipity XML-RPC Unspecified PHP Code Execution Vulnerability

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

CVE-2005-2086

PHP remote file inclusion vulnerability in viewtopic.php in phpBB 2.0.15 and earlier allows remote attackers to execute arbitrary PHP code...

[Full-disclosure] [DRUPAL-SA-2005-003] Drupal 4.6.2 / 4.5.4 fixes critical XML-RPC issue

---------------------------------------------------------------------------- Drupal security advisory DRUPAL-SA-2005-003 ---------------------------------------------------------------------------- Advisory ID: DRUPAL-SA-2005-003 Date: 2005-jun-29 Security risk: highly critical Impact: system...

[SA15864] Comdev News Publisher Cross-Site Scripting and PHP Code Execution

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...