Security Vulnerabilities, CVEs, Published In 2005 (File inclusion) CVSS score >= 1
PHP remote file inclusion vulnerability in web/classes.php in Siteframe before 3.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the LOCAL_PATH parameter, a different vulnerability than CVE-2005-1965.
Max CVSS
7.5
EPSS Score
0.30%
Published
2005-12-31
Updated
2008-09-05
PHP remote file inclusion vulnerability in phpDocumentor 1.3.0 rc4 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary code via a URL in the (1) FORUM[LIB] parameter in Documentation/tests/bug-559668.php and (2) the root_dir parameter in docbuilder/file_dialog.php.
Max CVSS
7.5
EPSS Score
15.60%
Published
2005-12-31
Updated
2018-10-19
PHP remote file inclusion vulnerability in coin_includes/db.php in phpCOIN 1.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the $_CCFG[_PKG_PATH_DBSE] variable.
Max CVSS
7.5
EPSS Score
7.61%
Published
2005-12-14
Updated
2018-10-19
PHP remote file inclusion vulnerability in content.php in phpGreetz 0.99 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the content parameter.
Max CVSS
7.5
EPSS Score
4.47%
Published
2005-11-29
Updated
2018-10-19
PHP remote file inclusion vulnerability in athena.php in Oliver May Athena PHP Website Administration 0.1a allows remote attackers to execute arbitrary PHP code via a URL in the athena_dir parameter.
Max CVSS
7.5
EPSS Score
10.42%
Published
2005-11-29
Updated
2018-10-19
PHP remote file inclusion vulnerability in q-news.php in Q-News 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the id parameter.
Max CVSS
7.5
EPSS Score
11.60%
Published
2005-11-29
Updated
2018-10-19
PHP remote file inclusion vulnerability in support/index.php in DeskLance 2.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the main parameter.
Max CVSS
7.5
EPSS Score
1.06%
Published
2005-11-26
Updated
2011-08-10
PHP remote file inclusion vulnerability in payment_paypal.php in AlstraSoft Template Seller Pro 3.25 allows remote attackers to execute arbitrary PHP code via the config[basepath] parameter.
Max CVSS
7.5
EPSS Score
15.36%
Published
2005-11-24
Updated
2017-07-11
PHP remote file inclusion vulnerability in pollvote.php in PollVote allows remote attackers to include arbitrary files via a URL in the pollname parameter.
Max CVSS
7.5
EPSS Score
1.52%
Published
2005-11-23
Updated
2016-10-18
PHP remote file inclusion vulnerability in common.php in PunBB 1.1.2 through 1.1.5 allows remote attackers to execute arbitrary code via the pun_root parameter.
Max CVSS
7.5
EPSS Score
3.11%
Published
2005-10-27
Updated
2016-10-18
PHP remote file inclusion vulnerability in index.php in AlstraSoft E-Friends 4.0 allows remote attackers to execute arbitrary PHP code via the mode parameter.
Max CVSS
7.5
EPSS Score
0.95%
Published
2005-09-27
Updated
2016-10-18
Multiple PHP remote file inclusion vulnerabilities in aMember Pro 2.3.4 allow remote attackers to execute arbitrary PHP code via the config[root_dir] parameter to (1) mysql.inc.php, (2) efsnet.inc.php, (3) theinternetcommerce.inc.php, (4) cdg.inc.php, (5) compuworld.inc.php, (6) directone.inc.php, (7) authorize_aim.inc.php, (8) beanstream.inc.php, (9) config.inc.php, (10) eprocessingnetwork.inc.php, (11) eway.inc.php, (12) linkpoint.inc.php, (13) logiccommerce.inc.php, (14) netbilling.inc.php, (15) payflow_pro.inc.php, (16) paymentsgateway.inc.php, (17) payos.inc.php, (18) payready.inc.php, or (19) plugnplay.inc.php.
Max CVSS
7.5
EPSS Score
0.63%
Published
2005-09-08
Updated
2017-07-11
PHP remote file inclusion vulnerability in lang.php in CMS Made Simple 0.10 and earlier allows remote attackers to execute arbitrary PHP code via the nls[file][vx][vxsfx] parameter.
Max CVSS
7.5
EPSS Score
7.05%
Published
2005-09-08
Updated
2016-10-18
PHP remote file inclusion vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to execute arbitrary PHP code via the custom_welcome_page parameter.
Max CVSS
7.5
EPSS Score
0.70%
Published
2005-09-02
Updated
2020-11-16
PHP remote file inclusion vulnerability in al_initialize.php for AutoLinks Pro 2.1 allows remote attackers to execute arbitrary PHP code via an "ftp://" URL in the alpath parameter, which bypasses the incomplete blacklist that only checks for "http" and "https" URLs.
Max CVSS
7.5
EPSS Score
5.47%
Published
2005-09-02
Updated
2017-07-11
PHP remote file inclusion vulnerability in WebCalendar before 1.0.1 allows remote attackers to execute arbitrary PHP code when opening settings.php, possibly via send_reminders.php or other scripts.
Max CVSS
7.5
EPSS Score
3.09%
Published
2005-08-29
Updated
2017-07-11
PHP remote file inclusion vulnerability in SaveWebPortal 3.4 allows remote attackers to execute arbitrary PHP code via the (1) SITE_Path parameter to menu_dx.php or (2) CONTENTS_Dir parameter to menu_sx.php.
Max CVSS
7.5
EPSS Score
2.48%
Published
2005-08-24
Updated
2017-07-11
PHP remote file inclusion vulnerability in SysCP 1.2.10 and earlier allows remote attackers to execute arbitrary PHP code via the language parameter.
Max CVSS
7.5
EPSS Score
1.22%
Published
2005-08-16
Updated
2016-10-18
PHP remote file inclusion vulnerability in config.php in Comdev eCommerce 3.0 allows remote attackers to execute arbitrary PHP code via the path[docroot] parameter.
Max CVSS
5.0
EPSS Score
1.07%
Published
2005-08-10
Updated
2017-07-11
PHP remote file inclusion vulnerability in apa_phpinclude.inc.php in Atomic Photo Album (APA) allows remote attackers to execute arbitrary PHP code via the apa_module_basedir parameter.
Max CVSS
5.0
EPSS Score
1.61%
Published
2005-08-03
Updated
2017-07-11
PHP remote file inclusion vulnerability in block.php in PHP FirstPost allows remote attackers to execute arbitrary PHP code via the Include parameter.
Max CVSS
5.0
EPSS Score
1.07%
Published
2005-08-03
Updated
2017-07-11
PHP remote file inclusion vulnerability in display.php in MooseGallery allows remote attackers to execute arbitrary PHP code via the type parameter.
Max CVSS
5.0
EPSS Score
0.61%
Published
2005-07-20
Updated
2017-07-11
PHP remote file inclusion vulnerability in im.php in Laffer 0.3.2.6 and 0.3.2.7 allows remote attackers to execute arbitrary PHP code via the CFG_PATH variable.
Max CVSS
5.0
EPSS Score
0.42%
Published
2005-07-20
Updated
2008-09-05
PHP remote file inclusion vulnerability in CaLogic 1.2.2 allows remote attackers to execute arbitrary code via the CLPATH parameter to (1) cl_minical.php, (2) clmcpreload.php, (3) mcconfig.php, or (4) mcpi-demo.php.
Max CVSS
7.5
EPSS Score
2.03%
Published
2005-07-19
Updated
2008-09-05
PHP remote file inclusion vulnerability in photolist.inc.php in Squito Gallery 1.33 allows remote attackers to execute arbitrary code via the photoroot parameter.
Max CVSS
7.5
EPSS Score
1.37%
Published
2005-07-13
Updated
2008-09-05