Total
3411 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-6347 | 1 Viart | 4 Cms, Helpdesk, Shop Evaluation and 1 more | 2017-10-19 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in blocks/block_site_map.php in ViArt (1) CMS 3.3.2, (2) HelpDesk 3.3.2, (3) Shop Evaluation 3.3.2, and (4) Shop Free 3.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the root_folder_path parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-6147 | 1 Iaprcommence | 1 Iapr Commence | 2017-10-19 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in IAPR COMMENCE 1.3 allow remote attackers to execute arbitrary PHP code via a URL in the (a) php_root_path and sometimes the (b) privilege_root_path parameter to various PHP scripts under (1) admin/includes/, (2) admin/phase/, (3) includes/, (4) includes/page_includes/, (5) reviewer/includes/, (6) reviewer/phase/, and (7) user/phase/. | |||||
| CVE-2007-5321 | 1 Verlihub-project | 1 Verlihub Control Panel | 2017-10-19 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Verlihub Control Panel (VHCP) 1.7 and earlier allows remote attackers to include arbitrary files via a .. (dot dot) in the page parameter. | |||||
| CVE-2007-5117 | 1 Frontaccounting | 1 Frontaccounting | 2017-10-19 | 9.3 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in FrontAccounting (FA) 1.13, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the path_to_root parameter to (1) access/login.php and (2) includes/lang/language.php, different vectors than CVE-2007-4279. | |||||
| CVE-2007-5102 | 1 Wordsmith | 1 Wordsmith | 2017-10-19 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in config.inc.php in Wordsmith 1.0 RC1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the _path parameter. | |||||
| CVE-2007-5099 | 1 David Watters | 1 Helplink | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in show.php in David Watters Helplink 0.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the file parameter. | |||||
| CVE-2007-0983 | 1 Ansatheus | 1 At Contenator | 2017-10-19 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in _admin/nav.php in AT Contenator 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the Root_To_Script parameter. | |||||
| CVE-2007-0501 | 1 Mafia Scum Tools | 1 Mafia Scum Tools | 2017-10-19 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in index.php in Mafia Scum Tools 2.0.0 in Matthew Wardrop Advanced Random Generators (adv-random-gen) allows remote attackers to execute arbitrary PHP code via a URL in the gen parameter. | |||||
| CVE-2007-0499 | 1 Sangwan Kim | 1 Phpindexpage | 2017-10-19 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in config.php in Sangwan Kim phpIndexPage 1.0.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the env[inc_path] parameter. | |||||
| CVE-2006-6976 | 1 Centipaid | 1 Centipaid | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in centipaid_class.php in CentiPaid 1.4.2 and earlier allows remote attackers to execute arbitrary code via a URL in the absolute_path parameter. | |||||
| CVE-2006-6962 | 1 Joomla | 1 Rs Gallery2 | 2017-10-19 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in rsgallery2.html.php in the RS Gallery2 component (com_rsgallery2) 1.11.2 for Joomla! allows attackers to execute arbitrary PHP code via the mosConfig_absolute_path parameter. NOTE: this issue may overlap CVE-2006-5047. | |||||
| CVE-2006-6760 | 1 Phpmymanga | 1 Phpmymanga | 2017-10-19 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in template.php in Phpmymanga 0.8.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) actionsPage or (2) formPage parameter. | |||||
| CVE-2006-6739 | 1 Paristemi | 1 Paristemi | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in buycd.php in Paristemi 0.8.3 allows remote attackers to execute arbitrary PHP code via a URL in the HTTP_DOCUMENT_ROOT parameter, a different vector than CVE-2006-6689. | |||||
| CVE-2006-6738 | 1 Cwm-design | 1 Cwmcounter | 2017-10-19 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in statistic.php in cwmCounter 5.1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | |||||
| CVE-2006-6732 | 1 Cwm-design | 1 Cwmvote | 2017-10-19 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in archive.php in cwmVote 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the abs parameter. | |||||
| CVE-2006-6726 | 1 Inertianews | 1 Inertianews | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in inertianews_main.php in inertianews 0.02 beta allows remote attackers to execute arbitrary PHP code via a URL in the inews_path parameter. | |||||
| CVE-2006-6720 | 1 Azucar Cms | 1 Azucar Cms | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in admin/index_sitios.php in Azucar CMS 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the _VIEW parameter. | |||||
| CVE-2006-6710 | 1 Matteolucarelli | 1 Pgmreloaded | 2017-10-19 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in PgmReloaded 0.8.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) lang parameter to (a) index.php, the (2) CFG[libdir] and (3) CFG[localedir] parameters to (b) common.inc.php, and the CFG[localelangdir] parameter to (c) form_header.php. | |||||
| CVE-2006-6462 | 1 Cm68 News | 1 Cm68 News | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in engine/oldnews.inc.php in CM68 News 12.02.06 allows remote attackers to execute arbitrary PHP code via a URL in the addpath parameter. | |||||
| CVE-2006-6086 | 1 E-ark | 1 E-ark | 2017-10-19 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in src/ark_inc.php in e-Ark 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the cfg_pear_path parameter. | |||||