6 matches found
Remote file inclusion
PHP remote file inclusion vulnerability in data/inc/theme.php in Pluck 4.3, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: A reliable third party disputes this vulnerability because the applicable include is within a...
CVE-2007-4181
PHP remote file inclusion vulnerability in data/inc/theme.php in Pluck 4.3, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: A reliable third party disputes this vulnerability because the applicable include is within a...
CVE-2007-4180
Directory traversal vulnerability in data/inc/theme.php in Pluck 4.3, when registerglobals is enabled, allows remote attackers to read arbitrary local files via a .. dot dot in the file parameter. NOTE: CVE and a reliable third party dispute this vulnerability because the code uses a fixed argume...
CVE-2007-4180
Affects Pluck 4.3: directory traversal in data/inc/theme.php via the file parameter (..), exploitable when register_globals is enabled. The claim is that remote reading of local files is possible, but the note across sources indicates this vulnerability is disputed because the code uses a fixed a...
CVE-2007-4180
Directory traversal vulnerability in data/inc/theme.php in Pluck 4.3, when registerglobals is enabled, allows remote attackers to read arbitrary local files via a .. dot dot in the file parameter. NOTE: CVE and a reliable third party dispute this vulnerability because the code uses a fixed argume...
CVE-2007-4181
PHP remote file inclusion vulnerability in data/inc/theme.php in Pluck 4.3, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: A reliable third party disputes this vulnerability because the applicable include is within a...