Total
3704 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2005-0709 | 3 Mysql, Oracle, Redhat | 4 Mysql, Mysql, Enterprise Linux and 1 more | 2024-08-07 | N/A |
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit. | ||||
CVE-2006-7181 | 1 Morcego Cms | 1 Morcego Cms | 2024-08-07 | N/A |
Multiple PHP remote file inclusion vulnerabilities in Morcego CMS 0.9.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) fichero parameter to morcegoCMS.php or the (2) path parameter to adodb/adodb.inc.php. NOTE: vector 1 has been disputed by a third party who shows that $fichero can not be controlled by an attacker | ||||
CVE-2006-7146 | 1 Cuttlefish | 1 Leicestershire Communityportals | 2024-08-07 | N/A |
PHP remote file inclusion vulnerability in bug.php in Leicestershire communityPortals 1.0 build 20051018 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cp_root_path parameter, a different vector than CVE-2006-5280. NOTE: CVE disputes this issue, since bug.php is not in communityPortals source distributions | ||||
CVE-2006-7105 | 1 Smarty | 1 Smarty | 2024-08-07 | N/A |
PHP remote file inclusion vulnerability in libs/Smarty.class.php in Smarty 2.6.9 allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter. NOTE: in the original disclosure, filename is used in a function definition, so this report is probably incorrect | ||||
CVE-2005-0227 | 2 Postgresql, Redhat | 2 Postgresql, Enterprise Linux | 2024-08-07 | N/A |
PostgreSQL (pgsql) 7.4.x, 7.2.x, and other versions allows local users to load arbitrary shared libraries and execute code via the LOAD extension. | ||||
CVE-2005-0103 | 2 Redhat, Squirrelmail | 2 Enterprise Linux, Squirrelmail | 2024-08-07 | N/A |
PHP remote file inclusion vulnerability in webmail.php in SquirrelMail before 1.4.4 allows remote attackers to execute arbitrary PHP code by modifying a URL parameter to reference a URL on a remote web server that contains the code. | ||||
CVE-2006-7237 | 1 Ixprim-cms | 1 Ixprim | 2024-08-07 | N/A |
PHP remote file inclusion vulnerability in mod/nc_phpmyadmin/core/libraries/Theme_Manager.class.php in Ixprim 2.0 allows remote attackers to execute arbitrary PHP code via a URL in an unspecified parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
CVE-2006-7147 | 1 Phpbb | 1 Import Tools | 2024-08-07 | N/A |
PHP remote file inclusion vulnerability in includes/functions_mod_user.php in phpBB Import Tools Mod 0.1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | ||||
CVE-2006-6962 | 1 Joomla | 1 Rs Gallery2 | 2024-08-07 | N/A |
PHP remote file inclusion vulnerability in rsgallery2.html.php in the RS Gallery2 component (com_rsgallery2) 1.11.2 for Joomla! allows attackers to execute arbitrary PHP code via the mosConfig_absolute_path parameter. NOTE: this issue may overlap CVE-2006-5047. | ||||
CVE-2006-7104 | 1 Mambo | 1 Mostlyce | 2024-08-07 | N/A |
PHP remote file inclusion vulnerability in htmltemplate.php in the Chad Auld MOStlyContent Editor (MOStlyCE) as created on May 2006, a component for Mambo 4.5.4, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
CVE-2006-7102 | 1 Matthias Dietrich | 1 Phpburningportal Quiz-modul | 2024-08-07 | N/A |
Multiple PHP remote file inclusion vulnerabilities in phpBurningPortal quiz-modul 1.0.1, and possibly earlier, allow remote attackers to execute arbitrary PHP code via a URL in the lang_path parameter to (1) quest_delete.php, (2) quest_edit.php, or (3) quest_news.php. | ||||
CVE-2006-6958 | 1 Phpbluedragon | 1 Phpbluedragon Cms | 2024-08-07 | N/A |
Multiple PHP remote file inclusion vulnerabilities in phpBlueDragon 2.9.1 allow remote attackers to execute arbitrary PHP code via a URL in the vsDragonRootPath parameter to (1) team_admin.php, (2) rss_admin.php, (3) manual_admin.php, and (4) forum_admin.php in includes/root_modules/, a different set of vectors than CVE-2006-3076. | ||||
CVE-2006-7127 | 1 Salims Softhouse | 1 Jaf Cms | 2024-08-07 | N/A |
Multiple PHP remote file inclusion vulnerabilities in JAF CMS 4.0 and 4.0 RC2 allow remote attackers to execute arbitrary PHP code via a URL in the main_dir parameter to (1) forum/main.php and (2) forum/headlines.php. | ||||
CVE-2006-7130 | 1 Jinzora | 1 Jinzora | 2024-08-07 | N/A |
PHP remote file inclusion vulnerability in backend/primitives/cache/media.php in Jinzora 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter, a different vector than CVE-2006-6770. | ||||
CVE-2006-7090 | 1 Phpbb Security | 1 Phpbb Security | 2024-08-07 | N/A |
PHP remote file inclusion vulnerability in phpbb_security.php in phpBB Security 1.0.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the php_root_path parameter. | ||||
CVE-2006-7100 | 1 Phpbb | 1 Insert User | 2024-08-07 | N/A |
PHP remote file inclusion vulnerability in includes/functions_mod_user.php in phpBB Insert User 0.1.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | ||||
CVE-2006-6957 | 1 Docebo | 1 Docebo | 2024-08-07 | N/A |
PHP remote file inclusion vulnerability in addons/mod_media/body.php in Docebo 3.0.3 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[where_framework] parameter. NOTE: this issue might be resultant from a global overwrite vulnerability. This issue is similar to CVE-2006-2576 and CVE-2006-3107, but the vectors are different. | ||||
CVE-2006-7106 | 1 Powerphlogger | 1 Powerphlogger | 2024-08-07 | N/A |
PHP remote file inclusion vulnerability in config.inc.php3 in Power Phlogger 2.0.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rel_path parameter. | ||||
CVE-2006-7021 | 1 Plume-cms | 1 Plume Cms | 2024-08-07 | N/A |
PHP remote file inclusion vulnerability in manager/tools/link/dbinstall.php in Plume CMS 1.1.3 allows remote attackers to execute arbitrary PHP code via a URL in the _PX_config[manager_path] parameter. | ||||
CVE-2006-6976 | 1 Centipaid | 1 Centipaid | 2024-08-07 | N/A |
PHP remote file inclusion vulnerability in centipaid_class.php in CentiPaid 1.4.2 and earlier allows remote attackers to execute arbitrary code via a URL in the absolute_path parameter. |