CVE-2007-4290

Multiple PHP remote file inclusion vulnerabilities in Guestbook Script 1.9 allow remote attackers to execute arbitrary PHP code via a URL in the scriptroot parameter to 1 delete.php, 2 edit.php, or 3 inc/common.inc.php; or 4 database.php, 5 entries.php, 6 index.php, 7 logout.php, or 8 settings.ph...

CVE-2007-4290

CVE-2007-4290 concerns Guestbook Script 1.9, where multiple PHP remote file inclusion vulnerabilities allow an attacker to execute arbitrary PHP code via a URL in the script_root parameter to files in the admin/ area (delete.php, edit.php, inc/common.inc.php) and in (database.php, entries.php, in...

CVE-2005-0679

PHP remote file inclusion vulnerability in tellafriend.inc.php for Tell A Friend Script 2.7 before 20050305 allows remote attackers to execute arbitrary PHP code by modifying the scriptroot parameter to reference a URL on a remote web server that contains the code. NOTE: it was later reported tha...

Stadtaus PHP Form Mail formmail.inc.php Remote File Inclusion

There is a version of Form Mail Script, a PHP script by Ralf Stadtaus, installed on the remote host that suffers from a remote file include vulnerability involving the 'scriptroot' parameter of the 'inc/formmail.inc.php' script. By leveraging this flaw, an attacker may be able to view arbitrary...