4 matches found
CVE-2007-4231
CVE-2007-4231 describes a PHP remote file inclusion in the IDevSpot PhpHostBot line (1.06 and earlier). The vulnerability is triggered in order/login.php via a URL parameter (svr_rootscript), allowing an attacker to execute arbitrary PHP code on affected installations. The entry notes this as a d...
CVE-2006-3776
CVE-2006-3776 affects IDevSpot PhpHostBot (version 1.0) and AutoHost (version 3.0). It is a PHP remote file inclusion vulnerability in order/index.php that allows remote attackers to execute arbitrary PHP code by supplying a URL in the page parameter. The underlying issue is a crafted URL-based i...
CVE-2007-4094
CVE-2007-4094 affects IDevSpot PhpHostBot (library/authorize.php). The vulnerability allows remote attackers to execute arbitrary PHP code via a URL supplied in the login_form parameter, representing a remote file inclusion in this component. This is described as a different vector from CVE-2006-...
CVE-2011-3779
CVE-2011-3779 affects PhpHostBot 2.0. Affected: PhpHostBot 2.0 installations where direct requests to certain .php files (e.g., admin/create_acct.php) reveal the installation path in an error message, enabling information disclosure. Impact is limited to partial confidentiality exposure; no explo...