PHP : Security Vulnerabilities, CVEs, Published In 2006 (File inclusion)
PHP remote file inclusion vulnerability in signer/final.php in warez distributions of Animated Smiley Generator allows remote attackers to execute arbitrary PHP code via a URL in the smiley parameter. NOTE: the vendor disputes this issue, stating that only Warez versions of Animated Smiley Generator were affected, not the developer-provided software: "Legitimately purchased applications do not allow this exploit.
Max CVSS
7.5
EPSS Score
4.64%
Published
2006-12-14
Updated
2024-04-11
PHP remote file inclusion vulnerability in includes/common.php in the ErrorDocs 1.0.0 and earlier module for mxBB (mx_errordocs) allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter.
Max CVSS
7.5
EPSS Score
5.90%
Published
2006-12-14
Updated
2017-10-19
PHP remote file inclusion vulnerability in admin/plugins/NP_UserSharing.php in BLOG:CMS 4.1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DIR_ADMIN parameter.
Max CVSS
7.5
EPSS Score
15.90%
Published
2006-12-14
Updated
2017-10-19
PHP remote file inclusion vulnerability in usercp_menu.php in AR Memberscript allows remote attackers to execute arbitrary PHP code via a URL in the script_folder parameter.
Max CVSS
7.5
EPSS Score
4.38%
Published
2006-12-15
Updated
2017-10-19
Multiple PHP remote file inclusion vulnerabilities in Bloq 0.5.4 allow remote attackers to execute arbitrary PHP code via a URL in the page[path] parameter to (1) index.php, (2) admin.php, (3) rss.php, (4) rdf.php, (5) rss2.php, or (6) files/mainfile.php.
Max CVSS
7.5
EPSS Score
5.90%
Published
2006-12-15
Updated
2018-10-17
5 vulnerabilities found