Total
3411 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-6088 | 1 Phpbbviet | 1 Phpbbviet | 2017-09-29 | 9.3 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/functions_mod_user.php in phpBBViet 02.03.07 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||
| CVE-2007-6057 | 1 Datecomm | 1 Social Networking Script | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in index.php in datecomm Social Networking Script (aka Myspace Clone Script) allows remote attackers to execute arbitrary PHP code via a URL in the pg parameter. | |||||
| CVE-2007-6038 | 1 Joomlaequipment | 1 Juser | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in xajax_functions.php in the JUser (com_juser) 1.0.14 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | |||||
| CVE-2007-6027 | 1 Justjoomla | 1 Carousel Flash Image Gallery | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in admin.jjgallery.php in the Carousel Flash Image Gallery (com_jjgallery) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | |||||
| CVE-2007-5995 | 1 Php-tools | 1 Patbbcode | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in examples/patExampleGen/bbcodeSource.php in patBBcode 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the example parameter. | |||||
| CVE-2007-5845 | 1 Guppy | 1 Guppy | 2017-09-29 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in error.php in GuppY 4.6.3, 4.5.16, and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the id parameter. NOTE: this can be leveraged to bypass authentication and upload arbitrary files by including admin/inc/upload.inc and specifying certain multipart/form-data input for admin/inc/upload.inc. | |||||
| CVE-2007-5843 | 1 Scwiki | 1 Scwiki | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in includes/common.php in scWiki 1.0 Beta 2 allows remote attackers to execute arbitrary PHP code via a URL in the pathdot parameter. | |||||
| CVE-2007-5842 | 1 Vortex Portal | 1 Vortex Portal | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Vortex Portal 1.0.42 allow remote attackers to execute arbitrary PHP code via a URL in the cfgProgDir parameter to (1) admincp/auth/secure.php or (2) admincp/auth/checklogin.php. | |||||
| CVE-2007-5841 | 1 Nuboard | 1 Nuboard | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in admin/index.php in nuBoard 0.5 allows remote attackers to execute arbitrary PHP code via a URL in the site parameter. | |||||
| CVE-2007-5840 | 1 Syndeocms | 1 Syndeocms | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in starnet/themes/c-sky/main.inc.php in Fred Stuurman SyndeoCMS 2.5.01 allows remote attackers to execute arbitrary PHP code via a URL in the cmsdir parameter, a different vector than CVE-2006-4920.2. | |||||
| CVE-2007-5800 | 2 Tom Willmot, Wordpress | 2 Backupwordpress Plugin, Wordpress | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in the BackUpWordPress 0.4.2b and earlier plugin for WordPress allow remote attackers to execute arbitrary PHP code via a URL in the bkpwp_plugin_path parameter to (1) plugins/BackUp/Archive.php; and (2) Predicate.php, (3) Writer.php, (4) Reader.php, and other unspecified scripts under plugins/BackUp/Archive/. | |||||
| CVE-2007-5786 | 1 A-enterprise | 1 Gosamba | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in GoSamba 1.0.1 allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter to (1) HTML_oben.php, (2) inc_freigabe.php, (3) inc_freigabe1.php, or (4) inc_freigabe3.php in include/; (5) inc_group.php; (6) inc_manager.php; (7) inc_newgroup.php; (8) inc_smb_conf.php; (9) inc_user.php; or (10) main.php. | |||||
| CVE-2007-5785 | 1 Jobsiteprofessional | 1 Jobsite Professional | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in file.php in JobSite Professional 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-5784 | 1 Caupo.net | 1 Cauposhop Pro | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in index.php in CaupoShop Pro 2.x allows remote attackers to execute arbitrary PHP code via a URL in the action parameter. | |||||
| CVE-2007-5783 | 1 Emagic-cms | 1 Emagic Cms.net | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in emc.asp in emagiC CMS.Net 4.0 allows remote attackers to execute arbitrary SQL commands via the pageId parameter. | |||||
| CVE-2007-5781 | 1 Sige | 1 Sige | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in inc/sige_init.php in Sige 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the SYS_PATH parameter. | |||||
| CVE-2007-5754 | 1 Phpfaber | 1 Urlinn | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in urlinn_includes/config.php in phpFaber URLInn 2.0.5 allows remote attackers to execute arbitrary PHP code via a URL in the dir_ws parameter. | |||||
| CVE-2007-5721 | 1 Myspacepros | 1 Myspace Resource Script | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in _theme/breadcrumb.php in MySpacePros MySpace Resource Script (MSRS) 1.21 allows remote attackers to execute arbitrary PHP code via a URL in the rootBase parameter. | |||||
| CVE-2007-5720 | 1 Profilecms | 1 Profilecms | 2017-09-29 | 6.8 MEDIUM | N/A |
| Unrestricted file upload vulnerability in the profiles script in ProfileCMS 1.0 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors involving creation of a profile. | |||||
| CVE-2007-5697 | 1 Phpimage | 1 Php Image | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in PHP Image 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the xarg parameter to (1) xarg_corner.php, (2) xarg_corner_bottom.php, and (3) xarg_corner_top.php. | |||||