Multiple PHP remote file inclusion vulnerabilities in OpenBASE Alpha 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the root_prefix parameter to (1) index.php, (2) email_subscribe.php, (3) download.php, or (4) development.php.
Max CVSS
7.5
EPSS Score
15.68%
Published
2007-05-31
Updated
2017-10-11
PHP remote file inclusion vulnerability in class/class.php in Webavis 0.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the root parameter.
Max CVSS
6.8
EPSS Score
4.29%
Published
2007-05-31
Updated
2017-10-11
Multiple PHP remote file inclusion vulnerabilities in the creator in vBulletin Google Yahoo Site Map (vBGSiteMap) 2.41 for vBulletin allow remote attackers to execute arbitrary PHP code via a URL in the base parameter to (1) vbgsitemap/vbgsitemap-config.php or (2) vbgsitemap/vbgsitemap-vbseo.php.
Max CVSS
7.5
EPSS Score
8.85%
Published
2007-05-31
Updated
2017-10-11
Multiple PHP remote file inclusion vulnerabilities in FlaP 1.0b (1.0 Beta) allow remote attackers to execute arbitrary PHP code via a URL in the pachtofile parameter to (1) skin/html/table.php or (2) login.php.
Max CVSS
6.8
EPSS Score
9.02%
Published
2007-05-31
Updated
2017-10-11
Multiple PHP remote file inclusion vulnerabilities in Mazen's PHP Chat 3.0.0 allow remote attackers to execute arbitrary PHP code via a URL in the basepath parameter to (1) ITX.php, (2) IT_Error.php, or (3) IT.php in include/pear/.
Max CVSS
6.8
EPSS Score
14.74%
Published
2007-05-31
Updated
2017-10-11
PHP remote file inclusion vulnerability in admin/admin.php in TROforum 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the site_url parameter.
Max CVSS
7.5
EPSS Score
6.79%
Published
2007-05-31
Updated
2017-10-11
Multiple PHP remote file inclusion vulnerabilities in Frequency Clock 0.1b (Beta 0.1) allow remote attackers to execute arbitrary PHP code via a URL in the securelib parameter to (1) conf.php or (2) cp2.php.
Max CVSS
7.5
EPSS Score
8.85%
Published
2007-05-31
Updated
2017-10-11
Multiple PHP remote file inclusion vulnerabilities in Scallywag 2005-04-25 allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to template.php in (1) skin/dark/, (2) skin/gold/, or (3) skin/original/.
Max CVSS
6.8
EPSS Score
6.94%
Published
2007-05-30
Updated
2017-10-11
Multiple PHP remote file inclusion vulnerabilities in FirmWorX 0.1.2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) bank_data[root] parameter to modules/bank/includes/design/main.inc.php, or the (2) fm_data[root] parameter to (a) includes/config/master.inc.php or (b) includes/functions/master.inc.php.
Max CVSS
7.5
EPSS Score
17.51%
Published
2007-05-30
Updated
2017-10-11
Multiple PHP remote file inclusion vulnerabilities in Simple Accessible XHTML Online News (SAXON) 4.6 allow remote attackers to execute arbitrary PHP code via a URL in the template parameter to (1) news.php, (2) preview.php, or (3) archive-display.php.
Max CVSS
7.5
EPSS Score
2.13%
Published
2007-05-24
Updated
2018-10-16
Multiple PHP remote file inclusion vulnerabilities in SimpGB 1.46.0 allow remote attackers to execute arbitrary PHP code via a URL in the path_simpgb parameter to (1) guestbook.php, (2) search.php, (3) mailer.php, (4) avatars.php, (5) ccode.php, (6) comments.php, (7) emoticons.php, (8) gbdownload.php, and possibly other PHP scripts.
Max CVSS
7.5
EPSS Score
4.80%
Published
2007-05-24
Updated
2018-10-16
PHP remote file inclusion vulnerability in sample/xls2mysql in ABC Excel Parser Pro 4.0 allows remote attackers to execute arbitrary PHP code via a URL in the parser_path parameter.
Max CVSS
7.5
EPSS Score
10.03%
Published
2007-05-24
Updated
2018-10-16
PHP remote file inclusion vulnerability in lib/addressbook.php in Madirish Webmail 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[basedir] parameter.
Max CVSS
7.5
EPSS Score
6.66%
Published
2007-05-22
Updated
2017-10-11
Multiple PHP remote file inclusion vulnerabilities in ol'bookmarks 0.7.4 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to (1) test1.php, (2) blackorange.php, (3) default.php, (4) frames1.php, (5) frames1_top.php, (7) test2.php, (8) test3.php, (9) test4.php, (10) test5.php, (11) test6.php, (12) frames1_left.php, and (13) frames1_center.php in themes/.
Max CVSS
7.5
EPSS Score
7.03%
Published
2007-05-22
Updated
2017-10-11
PHP remote file inclusion vulnerability in ImageImageMagick.php in Geeklog 2.x allows remote attackers to execute arbitrary PHP code via a URL in the glConf[path_system] parameter.
Max CVSS
7.5
EPSS Score
7.42%
Published
2007-05-22
Updated
2017-10-11
PHP remote file inclusion vulnerability in template_csv.php in Libstats 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rInfo[content] parameter.
Max CVSS
7.5
EPSS Score
10.03%
Published
2007-05-21
Updated
2017-10-11
Multiple PHP remote file inclusion vulnerabilities in SunLight CMS 5.3 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to (1) _connect.php or (2) modules/startup.php.
Max CVSS
7.5
EPSS Score
17.80%
Published
2007-05-21
Updated
2017-10-11
Multiple PHP remote file inclusion vulnerabilities in Build it Fast (bif3) 0.4.1 allow remote attackers to execute arbitrary PHP code via a URL in (1) the pear_dir parameter to Base/Application.php, or the (2) sys_dir parameter to (a) Footer.php, (b) widget.BifContainer.php, (c) widget.BifRoot.php, (d) widget.BifRoot2.php, (e) widget.BifRoot3.php, or (f) widget.BifWarning.php in Widgets/Base/.
Max CVSS
7.5
EPSS Score
16.96%
Published
2007-05-18
Updated
2017-10-11
Multiple PHP remote file inclusion vulnerabilities in PHPGlossar 0.8 allow remote attackers to execute arbitrary PHP code via a URL in the format_menue parameter to (1) admin/inc/change_action.php or (2) admin/inc/add.php.
Max CVSS
7.5
EPSS Score
10.03%
Published
2007-05-17
Updated
2017-10-11
PHP remote file inclusion vulnerability in custom_vars.php in GlossWord 1.8.1 allows remote attackers to execute arbitrary PHP code via a URL in the sys[path_addon] parameter.
Max CVSS
7.5
EPSS Score
15.33%
Published
2007-05-17
Updated
2017-10-11
PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter.
Max CVSS
10.0
EPSS Score
5.04%
Published
2007-05-17
Updated
2017-10-11
PHP remote file inclusion vulnerability in functions/prepend_adm.php in NagiosQL 2.00-P00 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the SETS[path][IT] parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
7.5
EPSS Score
1.08%
Published
2007-05-16
Updated
2012-11-06
PHP remote file inclusion vulnerability in functions/prepend_adm.php in NagiosQL 2005 2.00 allows remote attackers to execute arbitrary PHP code via a URL in the SETS[path][physical] parameter.
Max CVSS
7.5
EPSS Score
2.11%
Published
2007-05-16
Updated
2017-10-11
PHP remote file inclusion vulnerability in newsadmin.php in Feindt Computerservice News (News-Script) 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the action parameter.
Max CVSS
7.5
EPSS Score
5.29%
Published
2007-05-16
Updated
2017-10-11
PHP remote file inclusion vulnerability in linksnet_linkslog_rss.php in Linksnet Newsfeed 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the dirpath_linksnet_newsfeed parameter.
Max CVSS
6.8
EPSS Score
9.02%
Published
2007-05-16
Updated
2017-10-11
76 vulnerabilities found
1 2 3 4
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!