Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-4420 | 1 Phaos | 1 Phaos | 2017-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in include_lang.php in Phaos 0.9.2 allows remote attackers to include arbitrary local files via ".." sequences in the lang parameter. | |||||
| CVE-2006-5083 | 1 Phpbb Security | 1 Importal | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/functions_portal.php in Integrated MODs (IM) Portal 1.2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||
| CVE-2006-5079 | 1 Php Arena | 1 Pabugs | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in class.mysql.php in Matt Humphrey paBugs 2.0 Beta 3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path_to_bt_dir parameter. | |||||
| CVE-2006-5078 | 1 Polaring | 1 Polaring | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in view/general.php in Kristian Niemi Polaring 00.04.03 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _SESSION[dirMain] parameter. | |||||
| CVE-2006-5419 | 1 University Of Glasgow | 1 Specimen Image Database | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in client.php in University of Glasgow Specimen Image Database (SID), when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. | |||||
| CVE-2006-5077 | 1 Minerva | 1 Minerva | 2017-10-18 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in admin/admin_topic_action_logging.php in Chris Smith Minerva Build 238 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||
| CVE-2006-5421 | 1 Wsn Forum | 1 Wsn Forum | 2017-10-18 | 7.5 HIGH | N/A |
| WSN Forum 1.3.4 and earlier allows remote attackers to execute arbitrary PHP code via a modified pathname in the pathtoconfig parameter that points to an avatar image that contains PHP code, which is then accessed from prestart.php. NOTE: this issue has been labeled remote file inclusion, but that label only applies to the attack, not the underlying vulnerability. | |||||
| CVE-2006-5102 | 1 Baumedia | 1 Newswriter | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in include/editfunc.inc.php in Sebastian Baumann and Philipp Wolfer Newswriter SW 1.42 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the NWCONF_SYSTEM[server_path] parameter. | |||||
| CVE-2006-4424 | 1 Coinsoft Technologies | 1 Phpcoin | 2017-10-18 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in coin_includes/constants.php in phpCOIN 1.2.3 allows remote attackers to execute arbitrary PHP code via the _CCFG[_PKG_PATH_INCL] parameter. | |||||
| CVE-2006-6590 | 1 Php | 1 Ar Memberscript | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in usercp_menu.php in AR Memberscript allows remote attackers to execute arbitrary PHP code via a URL in the script_folder parameter. | |||||
| CVE-2006-4427 | 1 Efiction | 1 Efiction | 2017-10-18 | 5.1 MEDIUM | N/A |
| index.php in eFiction before 2.0.7 allows remote attackers to bypass authentication and gain privileges by setting the (1) adminloggedin, (2) loggedin, and (3) level parameters to "1". | |||||
| CVE-2006-5426 | 1 Local Calendar System | 1 Local Calendar System | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in lib/lcUser.php in LoCal Calendar System 1.1 remote attackers to execute arbitrary PHP code via a URL in the LIBDIR parameter. | |||||
| CVE-2006-5427 | 1 Php Amx | 1 Php Amx | 2017-10-18 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in plugins/main.php in Php AMX 0.9.0, when register_globals is enabled or magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the plug_path parameter. | |||||
| CVE-2006-5546 | 1 Otscms | 1 Otscms | 2017-10-18 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open Tibia Server Content Management System (OTSCMS) 1.3.0 through 1.4.1 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[config][otscms][directories][classes] parameter. | |||||
| CVE-2006-6586 | 1 Vblog | 1 Vblog | 2017-10-18 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Vortex Blog (vBlog, aka C12) a0.1_nonfunc allow remote attackers to execute arbitrary PHP code via a URL in the cfgProgDir parameter in (1) secure.php or (2) checklogin.php in admin/auth/. | |||||
| CVE-2006-5429 | 1 Barry Nauta | 1 Brim | 2017-10-18 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Barry Nauta BRIM 1.2.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the renderer parameter in template.tpl.php in (1) templates/barrel/, (2) templates/sidebar/, (3) templates/text-only, (4) templates/slashdot/, (5) templates/penguin/, (6) templates/pda/, (7) templates/oerdec/, (8) templates/nifty/, (9) templates/mylook, and (10) templates/barry/. | |||||
| CVE-2006-5070 | 1 Facestones | 1 Facestones | 2017-10-18 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in fsl2/objects/fs_form_links.php in faceStones Personal 2.0.42 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[fsinit][objpath] parameter. | |||||
| CVE-2006-5432 | 1 Marc Giombetti | 1 Phppowercards | 2017-10-18 | 2.6 LOW | N/A |
| Multiple direct static code injection vulnerabilities in db/txt.inc.php in phpPowerCards 2.10, when register_globals is enabled, allow remote attackers to create or overwrite arbitrary files via the (1) email[to], (2) email[from], (3) name[to], (4) name[from], (5) picture, (6) comment, or (7) sessionID parameter, as demonstrated by creating a new .php file that permits remote file inclusion, and then requesting this file. | |||||
| CVE-2006-5433 | 1 Timm Maass | 1 Alice Cms | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in modules/guestbook/index.php in ALiCE-CMS 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[local_root] parameter. | |||||
| CVE-2006-5434 | 1 P-news | 1 P-news | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in p-news.php in P-News 1.16 and 1.17 allows remote attackers to execute arbitrary PHP code via a URL in the pn_lang parameter. | |||||