Voice Of Web : Security Vulnerabilities, CVEs, CVSS score >= 5
Multiple PHP remote file inclusion vulnerabilities in AllMyGuests 0.3.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the AMG_serverpath parameter to (1) comments.php and (2) signin.php; and possibly via a URL in unspecified parameters to (3) include/submit.inc.php, (4) admin/index.php, (5) include/cm_submit.inc.php, and (6) index.php.
Max CVSS
7.5
EPSS Score
20.10%
Published
2007-01-11
Updated
2017-10-19
PHP remote file inclusion vulnerability in index.php in AllMyLinks 0.5.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AML_opensite parameter.
Max CVSS
7.5
EPSS Score
5.41%
Published
2007-01-11
Updated
2017-10-19
Multiple PHP remote file inclusion vulnerabilities in AllMyGuests 0.4.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the _AMGconfig[cfg_serverpath] parameter in (1) modules/AllMyGuests/signin.php (aka the Nuke module) and (2) AllMyGuests/signin.php (aka the standalone).
Max CVSS
7.5
EPSS Score
6.57%
Published
2006-09-26
Updated
2017-10-19
PHP remote file inclusion vulnerabilities in include/footer.inc.php in (1) AllMyVisitors, (2) AllMyLinks, and (3) AllMyGuests allow remote attackers to execute arbitrary PHP code via a URL in the _AMVconfig[cfg_serverpath] parameter.
Max CVSS
9.8
EPSS Score
4.36%
Published
2004-11-23
Updated
2024-02-08
4 vulnerabilities found