Total
3761 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6223 | 1 Wotw | 1 Way Of The Warrior | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in visualizza.php in Way Of The Warrior (WOTW) 5.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the plancia parameter to crea.php. | |||||
| CVE-2007-6347 | 1 Viart | 4 Cms, Helpdesk, Shop Evaluation and 1 more | 2017-10-19 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in blocks/block_site_map.php in ViArt (1) CMS 3.3.2, (2) HelpDesk 3.3.2, (3) Shop Evaluation 3.3.2, and (4) Shop Free 3.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the root_folder_path parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-0499 | 1 Sangwan Kim | 1 Phpindexpage | 2017-10-19 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in config.php in Sangwan Kim phpIndexPage 1.0.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the env[inc_path] parameter. | |||||
| CVE-2007-6615 | 1 Agares Media | 1 Phpautovideo | 2017-10-19 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in includes/block.php in Agares Media phpAutoVideo 2.21 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the selected_provider parameter. | |||||
| CVE-2007-6147 | 1 Iaprcommence | 1 Iapr Commence | 2017-10-19 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in IAPR COMMENCE 1.3 allow remote attackers to execute arbitrary PHP code via a URL in the (a) php_root_path and sometimes the (b) privilege_root_path parameter to various PHP scripts under (1) admin/includes/, (2) admin/phase/, (3) includes/, (4) includes/page_includes/, (5) reviewer/includes/, (6) reviewer/phase/, and (7) user/phase/. | |||||
| CVE-2007-5321 | 1 Verlihub-project | 1 Verlihub Control Panel | 2017-10-19 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Verlihub Control Panel (VHCP) 1.7 and earlier allows remote attackers to include arbitrary files via a .. (dot dot) in the page parameter. | |||||
| CVE-2007-6614 | 1 Agares Media | 1 Phpautovideo | 2017-10-19 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in admin/frontpage_right.php in Agares Media phpAutoVideo 2.21 allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter, a related issue to CVE-2007-6542. | |||||
| CVE-2007-5099 | 1 David Watters | 1 Helplink | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in show.php in David Watters Helplink 0.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the file parameter. | |||||
| CVE-2007-0501 | 1 Mafia Scum Tools | 1 Mafia Scum Tools | 2017-10-19 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in index.php in Mafia Scum Tools 2.0.0 in Matthew Wardrop Advanced Random Generators (adv-random-gen) allows remote attackers to execute arbitrary PHP code via a URL in the gen parameter. | |||||
| CVE-2006-6976 | 1 Centipaid | 1 Centipaid | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in centipaid_class.php in CentiPaid 1.4.2 and earlier allows remote attackers to execute arbitrary code via a URL in the absolute_path parameter. | |||||
| CVE-2006-6462 | 1 Cm68 News | 1 Cm68 News | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in engine/oldnews.inc.php in CM68 News 12.02.06 allows remote attackers to execute arbitrary PHP code via a URL in the addpath parameter. | |||||
| CVE-2006-4159 | 1 Chaussette | 1 Chaussette | 2017-10-19 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Chaussette 080706 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the _BASE parameter to scripts in Classes/ including (1) Evenement.php, (2) Event.php, (3) Event_for_month.php, (4) Event_for_week.php, (5) My_Log.php, (6) My_Smarty.php, and possibly (7) Event_for_month_per_day.php. | |||||
| CVE-2006-4671 | 1 Fscripts | 1 Fantastic News | 2017-10-19 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in headlines.php in Fantastic News 2.1.4, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[script_path] parameter, a different vector than CVE-2006-1154. | |||||
| CVE-2006-6710 | 1 Matteolucarelli | 1 Pgmreloaded | 2017-10-19 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in PgmReloaded 0.8.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) lang parameter to (a) index.php, the (2) CFG[libdir] and (3) CFG[localedir] parameters to (b) common.inc.php, and the CFG[localelangdir] parameter to (c) form_header.php. | |||||
| CVE-2006-4944 | 1 Boesch It-consulting | 1 Progsys | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/pear/Net/DNS/RR.php in ProgSys 0.151 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpdns_basedir parameter. | |||||
| CVE-2006-5494 | 1 Phpnuke | 1 Php-nuke | 2017-10-19 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in modules/My_eGallery/public/displayCategory.php in the pandaBB module for PHP-Nuke allow remote attackers to execute arbitrary PHP code via a URL in the (1) adminpath or (2) basepath parameters. NOTE: this issue might overlap CVE-2006-6795. | |||||
| CVE-2006-2686 | 1 Actionapps | 1 Actionapps | 2017-10-19 | 6.4 MEDIUM | N/A |
| PHP remote file inclusion vulnerabilities in ActionApps 2.8.1 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[AA_INC_PATH] parameter in (1) cached.php3, (2) cron.php3, (3) discussion.php3, (4) filldisc.php3, (5) filler.php3, (6) fillform.php3, (7) go.php3, (8) hiercons.php3, (9) jsview.php3, (10) live_checkbox.php3, (11) offline.php3, (12) post2shtml.php3, (13) search.php3, (14) slice.php3, (15) sql_update.php3, (16) view.php3, (17) multiple files in the (18) admin/ folder, (19) includes folder, and (20) modules/ folder. | |||||
| CVE-2006-2767 | 1 Ottoman | 1 Ottoman | 2017-10-19 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in Ottoman 1.1.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the default_path parameter in (1) error.php, (2) index.php, and (3) classes/main_class.php. | |||||
| CVE-2006-6086 | 1 E-ark | 1 E-ark | 2017-10-19 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in src/ark_inc.php in e-Ark 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the cfg_pear_path parameter. | |||||
| CVE-2006-5506 | 1 Wiclear | 1 Wiclear | 2017-10-19 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in WiClear 0.10 allow remote attackers to execute arbitrary PHP code via the path parameter in (1) inc/prepend.inc.php, (2) inc/lib/boxes.lib.php, (3) inc/lib/tools.lib.php, (4) tools/trackback/index.php, and (5) tools/utf8conversion/index.php in admin/; and (6) prepend.inc.php, (7) lib/boxes.lib.php, and (8) lib/history.lib.php in inc/. | |||||