Total
3187 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-4712 | 1 Enetman | 1 Enetman | 2023-12-10 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in index.php in eNetman 1 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. | |||||
CVE-2007-5784 | 1 Caupo.net | 1 Cauposhop Pro | 2023-12-10 | 6.8 MEDIUM | N/A |
PHP remote file inclusion vulnerability in index.php in CaupoShop Pro 2.x allows remote attackers to execute arbitrary PHP code via a URL in the action parameter. | |||||
CVE-2007-5780 | 1 Telematic Lab | 1 Teatro | 2023-12-10 | 6.8 MEDIUM | N/A |
PHP remote file inclusion vulnerability in pub/pub08_comments.php in teatro 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the basePath parameter. | |||||
CVE-2006-6720 | 1 Azucar Cms | 1 Azucar Cms | 2023-12-10 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in admin/index_sitios.php in Azucar CMS 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the _VIEW parameter. | |||||
CVE-2008-0448 | 1 Cybergl Dev Team | 1 Phpsearch | 2023-12-10 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in utils/class_HTTPRetriever.php in phpSearch allows remote attackers to execute arbitrary PHP code via a URL in the libcurlemuinc parameter. | |||||
CVE-2007-2572 | 1 Noah | 1 Noah | 2023-12-10 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in modules/noevents/templates/mfa_theme.php in NoAh (aka PHP Content Architect, phparch) 0.9 pre 1.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the tpls[1] parameter. | |||||
CVE-2008-1136 | 1 Synce | 1 Synce | 2023-12-10 | 9.3 HIGH | N/A |
The Utils::runScripts function in src/utils.cpp in vdccm 0.92 through 0.10.0 in SynCE (SynCE-dccm) allows remote attackers to execute arbitrary commands via shell metacharacters in a certain string to TCP port 5679. | |||||
CVE-2006-6957 | 1 Docebo | 1 Docebo | 2023-12-10 | 6.8 MEDIUM | N/A |
PHP remote file inclusion vulnerability in addons/mod_media/body.php in Docebo 3.0.3 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[where_framework] parameter. NOTE: this issue might be resultant from a global overwrite vulnerability. This issue is similar to CVE-2006-2576 and CVE-2006-3107, but the vectors are different. | |||||
CVE-2007-5224 | 1 Jimmac | 1 Original Photo Gallery | 2023-12-10 | 6.8 MEDIUM | N/A |
inc/exif.inc.php in Original Photo Gallery 0.11.2 and earlier allows remote attackers to execute arbitrary programs via the exif_prog parameter, which is specified in an exec function call. | |||||
CVE-2007-4906 | 1 Nuclearbb | 1 Nuclearbb | 2023-12-10 | 6.8 MEDIUM | N/A |
PHP remote file inclusion vulnerability in tasks/send_queued_emails.php in NuclearBB Alpha 2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter. | |||||
CVE-2006-5481 | 1 Castor | 1 Castor | 2023-12-10 | 7.5 HIGH | N/A |
Multiple PHP remote file inclusion vulnerabilities in 2le.net Castor PHP Web Builder 1.1.1 allow remote attackers to execute arbitrary PHP code via the rootpath parameter in (1) lib/code.php, (2) lib/dbconnect.php, (3) lib/error.php, (4) lib/menu.php, and other unspecified files. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
CVE-2008-0382 | 1 Mybulletinboard | 1 Mybulletinboard | 2023-12-10 | 7.5 HIGH | N/A |
Multiple eval injection vulnerabilities in MyBB 1.2.10 and earlier allow remote attackers to execute arbitrary code via the sortby parameter to (1) forumdisplay.php or (2) a results action in search.php. | |||||
CVE-2007-5175 | 1 Actsite | 1 Actsite | 2023-12-10 | 6.8 MEDIUM | N/A |
PHP remote file inclusion vulnerability lib/base.php in actSite 1.991 Beta allows remote attackers to execute arbitrary PHP code via a URL in the BaseCfg[BaseDir] parameter. | |||||
CVE-2008-0376 | 1 Softpedia | 1 Small Axe Weblog | 2023-12-10 | 6.8 MEDIUM | N/A |
PHP remote file inclusion vulnerability in inc/linkbar.php in Small Axe Weblog 0.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the cfile parameter. | |||||
CVE-2007-3892 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 7.5 HIGH | N/A |
Microsoft Internet Explorer 5.01 through 7 allows remote attackers to spoof the URL address bar and other "trust UI" components via unspecified vectors, a different issue than CVE-2007-1091 and CVE-2007-3826. | |||||
CVE-2007-5160 | 1 Restaurant Management System | 1 Restaurant Management System | 2023-12-10 | 6.8 MEDIUM | N/A |
Multiple PHP remote file inclusion vulnerabilities in Thierry Leriche Restaurant Management System (ReMaSys) 0.5 allow remote attackers to execute arbitrary PHP code via a URL in (1) the DIR_ROOT parameter to (a) global.php, or the (2) DIR_PAGE parameter to (b) template/fr/page.php or (c) page/fr/boxConnection.php. | |||||
CVE-2007-6231 | 1 Tellmatic | 1 Tellmatic | 2023-12-10 | 7.5 HIGH | N/A |
Multiple PHP remote file inclusion vulnerabilities in tellmatic 1.0.7 allow remote attackers to execute arbitrary PHP code via a URL in the tm_includepath parameter to (1) Classes.inc.php, (2) statistic.inc.php, (3) status.inc.php, (4) status_top_x.inc.php, or (5) libchart-1.1/libchart.php in include/. NOTE: access to include/ is blocked by .htaccess in most deployments that use Apache HTTP Server. | |||||
CVE-2007-1581 | 1 Php | 1 Php | 2023-12-10 | 9.3 HIGH | N/A |
The resource system in PHP 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting the hash_update_file function via a userspace (1) error or (2) stream handler, which can then be used to destroy and modify internal resources. NOTE: it was later reported that PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 are also affected. | |||||
CVE-2007-4818 | 1 Txx Cms | 1 Txx Cms | 2023-12-10 | 7.5 HIGH | N/A |
Multiple PHP remote file inclusion vulnerabilities in Txx CMS 0.2 allow remote attackers to execute arbitrary PHP code via a URL in the doc_root parameter to (1) addons/plugin.php, (2) addons/sidebar.php, (3) mail/index.php, or (4) mail/mailbox.php in modules/. | |||||
CVE-2007-1472 | 1 T-systems Solutions For Research Gmbh | 1 Groupit | 2023-12-10 | 6.8 MEDIUM | N/A |
Variable overwrite vulnerability in groupit/base/groupit.start.inc in Groupit 2.00b5 allows remote attackers to conduct remote file inclusion attacks and execute arbitrary PHP code via arguments that are written to $_GLOBALS, as demonstrated using a URL in the c_basepath parameter to (1) content.php, (2) userprofile.php, (3) password.php, (4) dispatch.php, and (5) deliver.php in html/, and possibly (6) load.inc.php and related files. |