EUVD-2006-3313

Malware in sbrugna...

EUVD-2006-3319

Malware in sbrugna...

CVE-2006-3322

SQL injection vulnerability in includes/functionslogging.php in phpRaid 3.0.5, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the loghack function...

Secunia Research: phpRaid SQL Injection and File Inclusion Vulnerabilities

====================================================================== Secunia Research 29/06/2006 - phpRaid SQL Injection and File Inclusion Vulnerabilities - ====================================================================== Table of Contents Affected...

CVE-2006-3316

Multiple PHP remote file inclusion vulnerabilities in phpRaid 3.0.5 allow remote attackers to execute arbitrary code via a URL in the phpraiddir parameter to 1 logs.php and 2 users.php, a different set of vectors than CVE-2006-3116...

CVE-2006-3316

Multiple PHP remote file inclusion vulnerabilities in phpRaid 3.0.5 allow remote attackers to execute arbitrary code via a URL in the phpraiddir parameter to 1 logs.php and 2 users.php, a different set of vectors than CVE-2006-3116...

CVE-2006-3116

CVE-2006-3116 covers multiple PHP remote file inclusion vulnerabilities in phpRaid. Affected are phpRaid 3.0.4 and 3.0.5 (and related 3.0.6 in some vectors). The issue arises from unsafely using the phpraid_dir parameter to include files, enabling arbitrary PHP code execution when a URL is suppli...

CVE-2006-3116

Multiple PHP remote file inclusion vulnerabilities in phpRaid 3.0.4 and 3.0.5 allow remote attackers to execute arbitrary code via a URL in the phpraiddir parameter to 1 configuration.php, 3 guilds.php, 4 index.php, 5 locations.php, 6 login.php, 7 luaoutput.php, 8 permissions.php, 9 profile.php, ...