Unrestricted file upload

Unrestricted file upload vulnerability in upload/upload.php in Japanese PHP Gallery Hosting, when Open directory mode is enabled, allows remote attackers to upload and execute arbitrary PHP code via a ServerPath parameter specifying a filename with a double extension. NOTE: some of these details...

CVE-2007-5733

Unrestricted file upload vulnerability in upload/upload.php in Japanese PHP Gallery Hosting, when Open directory mode is enabled, allows remote attackers to upload and execute arbitrary PHP code via a ServerPath parameter specifying a filename with a double extension. NOTE: some of these details...

CVE-2007-3315

Multiple PHP remote file inclusion vulnerabilities in YourFreeScreamer 1.0, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the serverPath parameter to bodyTemplate.php in 1 templates/Classic/, 2 templates/Classic Guestbook/, 3...

Remote file inclusion

PHP remote file inclusion vulnerability in templates/2blue/bodyTemplate.php in YourFreeScreamer 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the serverPath parameter...

PT-2007-1656 · Unknown · Allmyguests

Name of the Vulnerable Software and Affected Versions: AllMyGuests versions 0.3.0 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the AMG serverpath parameter to various PHP files, including "comments.php" and "signin.php", and possibly via a...

PT-2006-5736 · Allmyguests · Allmyguests

Name of the Vulnerable Software and Affected Versions: AllMyGuests versions 0.4.1 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the AMGconfigcfg serverpath parameter in 1 modules/AllMyGuests/signin.php and 2 AllMyGuests/signin.php...

CVE-2005-2155

PHP remote file inclusion vulnerability in EasyPHPCalendar 6.1.5 and earlier allows remote attackers to execute arbitrary code via the serverPath parameter...