Vulnerabilities (CVE)

Filtered by vendor E-ark Subscribe

Filtered by product E-ark

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2007-5216	1 E-ark	1 E-ark	2023-12-10	6.8 MEDIUM	N/A
Multiple PHP remote file inclusion vulnerabilities in eArk (e-Ark) 1.0 allow remote attackers to execute arbitrary PHP code via a URL in (1) the cfg_vcard_path parameter to src/vcard_inc.php or (2) the cfg_phpmailer_path parameter to src/email_inc.php. NOTE: the ark_inc.php vector is already covered by CVE-2006-6086.
CVE-2006-6086	1 E-ark	1 E-ark	2023-12-10	5.1 MEDIUM	N/A
PHP remote file inclusion vulnerability in src/ark_inc.php in e-Ark 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the cfg_pear_path parameter.