Multiple PHP remote file inclusion vulnerabilities in (1) fonctions.lib.php, (2) derniers_commentaires.php, and (3) admin.php in Les Commentaires 2.0 allow remote attackers to execute arbitrary PHP code via the rep parameter.
Max CVSS
10.0
EPSS Score
6.32%
Published
2004-11-23
Updated
2017-07-11
PHP remote file inclusion vulnerability in (1) functions.php, (2) authentication_index.php, and (3) config_gedcom.php for PHPGEDVIEW 2.61 allows remote attackers to execute arbitrary PHP code by modifying the PGV_BASE_DIRECTORY parameter to reference a URL on a remote web server that contains the code.
Max CVSS
9.8
EPSS Score
1.26%
Published
2004-01-20
Updated
2024-02-08
PHP remote file inclusion vulnerabilities in include/footer.inc.php in (1) AllMyVisitors, (2) AllMyLinks, and (3) AllMyGuests allow remote attackers to execute arbitrary PHP code via a URL in the _AMVconfig[cfg_serverpath] parameter.
Max CVSS
9.8
EPSS Score
4.36%
Published
2004-11-23
Updated
2024-02-08
PHP remote file inclusion vulnerability in config.php for PhpDig 1.6.5 and earlier allows remote attackers to execute arbitrary PHP code by modifying the $relative_script_path parameter to reference a URL on a remote web server that contains the code.
Max CVSS
7.5
EPSS Score
0.82%
Published
2004-02-17
Updated
2017-10-10
PHP remote file inclusion vulnerability in module.php for ezContents allows remote attackers to execute arbitrary PHP code by modifying the link parameter to reference a URL on a remote web server that contains the code.
Max CVSS
7.5
EPSS Score
6.09%
Published
2004-02-17
Updated
2017-10-10
PHP remote file inclusion vulnerability in (1) config.php and (2) config_page.php for EasyDynamicPages 2.0 allows remote attackers to execute arbitrary PHP code by modifying the edp_relative_path parameter to reference a URL on a remote web server that contains a malicious serverdata.php script.
Max CVSS
7.5
EPSS Score
6.61%
Published
2004-02-17
Updated
2017-07-11
PHP remote file inclusion vulnerability in the GEDCOM configuration script for phpGedView 2.65.1 and earlier allows remote attackers to execute arbitrary PHP code by modifying the PGV_BASE_DIRECTORY parameter to reference a URL on a remote web server that contains a malicious theme.php script.
Max CVSS
7.5
EPSS Score
6.59%
Published
2004-03-03
Updated
2017-10-10
Multiple PHP remote file inclusion vulnerabilities in ezContents 2.0.2 and earlier allow remote attackers to execute arbitrary PHP code from a remote web server, as demonstrated using (1) the GLOBALS[rootdp] parameter to db.php, or (2) the GLOBALS[language_home] parameter to archivednews.php, and a malicious version of lang_admin.php.
Max CVSS
7.5
EPSS Score
3.50%
Published
2004-03-03
Updated
2017-07-11
PHP remote file inclusion vulnerability in index.php for Artmedic links 5.0 (artmedic_links5) allows remote attackers to execute arbitrary PHP code by modifying the id parameter to reference a URL on a remote web server that contains the code.
Max CVSS
7.5
EPSS Score
0.82%
Published
2004-12-06
Updated
2017-07-11
PHP remote file inclusion vulnerability in index.php in GNUBoard 3.39 and earlier allows remote attackers to execute arbitrary PHP code by modifying the doc parameter to reference a URL on a remote web server that contains the code.
Max CVSS
7.5
EPSS Score
1.24%
Published
2004-12-31
Updated
2017-07-11
Multiple PHP remote file inclusion vulnerabilities (1) step_one.php, (2) step_one_tables.php, (3) step_two_tables.php in WHM AutoPilot 2.4.6.5 and earlier allow remote attackers to execute arbitrary PHP code by modifying the server_inc parameter to reference a URL on a remote web server that contains the code.
Max CVSS
7.5
EPSS Score
3.06%
Published
2004-12-31
Updated
2017-07-11
Multiple PHP remote file inclusion vulnerabilities in Sean Proctor PHP-Calendar before 0.10.1, as used in Commonwealth of Massachusetts Virtual Law Office (VLO) and other products, allow remote attackers to execute arbitrary PHP code via a URL in the phpc_root_path parameter to (1) includes/calendar.php or (2) includes/setup.php.
Max CVSS
7.5
EPSS Score
18.43%
Published
2004-12-31
Updated
2018-10-19
PHP remote file inclusion vulnerability in main.inc in KorWeblog 1.6.2-cvs and earlier allows remote attackers to execute arbitrary PHP code by modifying the G_PATH parameter to reference a URL on a remote web server that contains the code, as demonstrated in index.php when using .. (dot dot) sequences in the lng parameter to cause main.inc to be loaded.
Max CVSS
7.5
EPSS Score
0.90%
Published
2004-12-31
Updated
2017-07-11
PHP remote file inclusion vulnerability in admin_cash.php for the Cash Mod module for phpBB allows remote attackers to execute arbitrary PHP code by modifying the phpbb_root_path parameter to reference a URL on a remote web server that contains the code.
Max CVSS
7.5
EPSS Score
4.06%
Published
2004-12-31
Updated
2017-07-11
PHP remote file inclusion vulnerability in livre_include.php in @lex Guestbook allows remote attackers to execute arbitrary PHP code by modifying the chem_absolu parameter to reference a URL on a remote web server that contains the code.
Max CVSS
7.5
EPSS Score
5.79%
Published
2004-12-31
Updated
2017-07-11
PHP remote file inclusion vulnerability in BlackBoard 1.5.1 allows remote attackers to execute arbitrary PHP code by modifying the libpath parameter (incorrectly called "libpach") to reference a URL on a remote web server that contains _more.php, as demonstrated using checkdb.inc.php.
Max CVSS
7.5
EPSS Score
1.14%
Published
2004-12-31
Updated
2017-07-11
PHP remote file inclusion vulnerability in index.php in ocPortal 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the req_path parameter to reference a URL on a remote web server that contains a malicious funcs.php script.
Max CVSS
7.5
EPSS Score
5.53%
Published
2004-12-31
Updated
2017-07-11
PHP remote file inclusion vulnerability in CuteNews 1.3.6 and earlier allows remote attackers to execute arbitrary PHP code via the cutepath parameter to (1) show_archives.php or (2) show_news.php.
Max CVSS
7.5
EPSS Score
1.57%
Published
2004-08-30
Updated
2017-07-11
PHP remote file inclusion vulnerability in Function.php in Mambo 4.5 (1.0.9) allows remote attackers to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code.
Max CVSS
7.5
EPSS Score
5.56%
Published
2004-09-18
Updated
2017-07-11
PHP remote file inclusion vulnerability in Mantis 0.19.0a allows remote attackers to execute arbitrary PHP code by modifying the (1) t_core_path parameter to bug_api.php or (2) t_core_dir parameter to relationship_api.php to reference a URL on a remote web server that contains the code.
Max CVSS
7.5
EPSS Score
0.76%
Published
2004-12-31
Updated
2017-07-11
PHP remote file inclusion vulnerability in HotNews 0.7.2 and earlier allows remote attackers to execute arbitrary PHP code via the (1) config[header] parameter to hotnews-engine.inc.php3 or (2) config[incdir] parameter to hnmain.inc.php3.
Max CVSS
7.5
EPSS Score
4.19%
Published
2004-12-31
Updated
2017-07-11
PHP remote file inclusion vulnerability in displaycategory.php in 4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to execute arbitrary PHP code by modifying the basepath parameter to reference a URL on a remote web server that contains fileFunctions.php.
Max CVSS
7.5
EPSS Score
6.53%
Published
2004-03-15
Updated
2017-07-11
PHP remote file inclusion vulnerability in affich.php in Gemitel 3.50 allows remote attackers to execute arbitrary PHP code via the base parameter.
Max CVSS
7.5
EPSS Score
11.45%
Published
2004-04-15
Updated
2017-07-11
PHP remote file inclusion vulnerability in album_portal.php in phpBB modified by Przemo 1.8 allows remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter.
Max CVSS
7.5
EPSS Score
5.82%
Published
2004-04-19
Updated
2017-07-11
PHP remote file inclusion vulnerability in init.inc.php in Coppermine Photo Gallery 1.2.0 RC4 allows remote attackers to execute arbitrary PHP code by modifying the CPG_M_DIR to reference a URL on a remote web server that contains functions.inc.php.
Max CVSS
7.5
EPSS Score
9.08%
Published
2004-04-30
Updated
2017-07-11
38 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!