PHP remote file inclusion vulnerability in fcring.php in FCRing 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the s_fuss parameter.
Max CVSS
7.5
EPSS Score
17.14%
Published
2007-02-27
Updated
2017-10-11
PHP remote file inclusion vulnerability in sinapis.php in Sinapis Forum 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the fuss parameter.
Max CVSS
7.5
EPSS Score
8.45%
Published
2007-02-27
Updated
2017-10-11
PHP remote file inclusion vulnerability in sinagb.php in Sinapis Gastebuch 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the fuss parameter.
Max CVSS
7.5
EPSS Score
8.45%
Published
2007-02-27
Updated
2017-10-11
Multiple PHP remote file inclusion vulnerabilities in ZPanel 2.0 allow remote attackers to execute arbitrary PHP code via a URL in (1) the body parameter to templates/ZPanelV2/template.php or (2) the page parameter to zpanel.php. NOTE: the zpanel.php vector may overlap CVE-2005-0793.2. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
7.5
EPSS Score
2.37%
Published
2007-02-27
Updated
2017-07-29
Multiple PHP remote file inclusion vulnerabilities in eFiction 3.1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path_to_smf parameter to (1) bridges/SMF/logout.php or (2) get_session_vars.php.
Max CVSS
6.8
EPSS Score
11.14%
Published
2007-02-27
Updated
2017-10-11
PHP remote file inclusion vulnerability in index.php in Christian Schneider CS-Gallery 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the album parameter during a securealbum todo action.
Max CVSS
6.8
EPSS Score
11.81%
Published
2007-02-26
Updated
2017-10-11
PHP remote file inclusion vulnerability in includes/functions_nomoketos_rules.php in the NoMoKeTos Rules 0.0.1 module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Max CVSS
6.8
EPSS Score
6.57%
Published
2007-02-26
Updated
2017-10-11
PHP remote file inclusion vulnerability in functions.php in Extreme phpBB (aka phpBB Extreme) 3.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Max CVSS
5.0
EPSS Score
4.92%
Published
2007-02-26
Updated
2017-10-11
PHP remote file inclusion vulnerability in top.php in PHP Module Implementation (PHP-MIP) 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the laypath parameter.
Max CVSS
4.3
EPSS Score
4.92%
Published
2007-02-26
Updated
2017-10-11
PHP remote file inclusion vulnerability in index.php in FlashGameScript 1.5.4 allows remote attackers to execute arbitrary PHP code via a URL in the func parameter.
Max CVSS
7.5
EPSS Score
10.46%
Published
2007-02-22
Updated
2018-10-16
Multiple PHP remote file inclusion vulnerabilities in Interspire SendStudio 2004.14 and earlier, when register_globals and allow_fopenurl are enabled, allow remote attackers to execute arbitrary PHP code via a URL in the ROOTDIR parameter to (1) createemails.inc.php and (2) send_emails.inc.php in /admin/includes/.
Max CVSS
6.8
EPSS Score
31.54%
Published
2007-02-22
Updated
2018-10-16
PHP remote file inclusion vulnerability in function.php in Ultimate Fun Book 1.02 allows remote attackers to execute arbitrary PHP code via a URL in the gbpfad parameter. NOTE: some sources mention "Ultimate Fun Board," but this appears to be an error.
Max CVSS
6.8
EPSS Score
11.81%
Published
2007-02-22
Updated
2017-10-19
** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in phpXmms 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the tcmdp parameter to (1) phpxmmsb.php or (2) phpxmmst.php. NOTE: this issue has been disputed by a reliable third party, stating that the tcmdp variable is initialized by config.php.
Max CVSS
10.0
EPSS Score
0.90%
Published
2007-02-21
Updated
2018-10-16
** DISPUTED ** PHP remote file inclusion vulnerability in index.php in PBLang (PBL) 4.60 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the dbpath parameter, a different vector than CVE-2006-5062. NOTE: this issue has been disputed by a reliable third party for 4.65, stating that the dbpath variable is initialized in an included file that is created upon installation.
Max CVSS
10.0
EPSS Score
1.10%
Published
2007-02-21
Updated
2018-10-16
PHP remote file inclusion vulnerability in admin_rebuild_search.php in phpbb_wordsearch allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Max CVSS
7.5
EPSS Score
1.10%
Published
2007-02-21
Updated
2018-10-16
PHP remote file inclusion vulnerability in inc/functions_inc.php in VS-Link-Partner 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gb_pfad, or possibly script_pfad, parameter.
Max CVSS
7.5
EPSS Score
8.56%
Published
2007-02-21
Updated
2017-10-11
PHP remote file inclusion vulnerability in include.php in Meganoide's news 1.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the _SERVER[DOCUMENT_ROOT] parameter.
Max CVSS
10.0
EPSS Score
15.33%
Published
2007-02-21
Updated
2018-10-16
PHP remote file inclusion vulnerability in tpl/header.php in VirtualSystem VS-News-System 1.2.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the newsordner parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
9.3
EPSS Score
0.46%
Published
2007-02-21
Updated
2008-11-15
PHP remote file inclusion vulnerability in show_news_inc.php in VirtualSystem VS-News-System 1.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the newsordner parameter.
Max CVSS
9.3
EPSS Score
11.81%
Published
2007-02-21
Updated
2017-10-11
PHP remote file inclusion vulnerability in generate.php in VirtualSystem Htaccess Passwort Generator 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the ht_pfad parameter.
Max CVSS
10.0
EPSS Score
15.33%
Published
2007-02-21
Updated
2017-10-11
PHP remote file inclusion vulnerability in functions_inc.php in VS-Gastebuch 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gb_pfad parameter.
Max CVSS
7.5
EPSS Score
10.03%
Published
2007-02-21
Updated
2017-10-19
Multiple PHP remote file inclusion vulnerabilities in ZebraFeeds 1.0, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the zf_path parameter to (1) aggregator.php and (2) controller.php in newsfeeds/includes/.
Max CVSS
6.8
EPSS Score
56.92%
Published
2007-02-21
Updated
2017-10-11
PHP remote file inclusion vulnerability in index.php in Jupiter CMS 1.1.5, when PHP 5.0.0 or later is used, allows remote attackers to execute arbitrary PHP code via an ftp URL in the n parameter.
Max CVSS
5.1
EPSS Score
10.17%
Published
2007-02-16
Updated
2018-10-16
PHP remote file inclusion vulnerability in _admin/nav.php in AT Contenator 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the Root_To_Script parameter.
Max CVSS
6.8
EPSS Score
7.60%
Published
2007-02-16
Updated
2017-10-19
Multiple PHP remote file inclusion vulnerabilities in TagIt! Tagboard 2.1.B Build 2 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) configpath parameter to (a) tagviewer.php, (b) tag_process.php, and (c) CONFIG/errmsg.inc.php; and (d) addTagmin.php, (e) ban_watch.php, (f) delTagmin.php, (g) delTag.php, (h) editTagmin.php, (i) editTag.php, (j) manageTagmins.php, and (k) verify.php in tagmin/; the (2) adminpath parameter to (l) tagviewer.php, (m) tag_process.php, and (n) tagmin/index.php; and the (3) admin parameter to (o) readconf.php, (p) updateconf.php, (q) updatefilter.php, and (r) wordfilter.php in tagmin/; different vectors than CVE-2006-5249.
Max CVSS
7.5
EPSS Score
22.45%
Published
2007-02-13
Updated
2017-07-29
85 vulnerabilities found
1 2 3 4
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!