Total
4451 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-6958 | 1 Phpbluedragon | 1 Phpbluedragon Cms | 2024-11-21 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in phpBlueDragon 2.9.1 allow remote attackers to execute arbitrary PHP code via a URL in the vsDragonRootPath parameter to (1) team_admin.php, (2) rss_admin.php, (3) manual_admin.php, and (4) forum_admin.php in includes/root_modules/, a different set of vectors than CVE-2006-3076. | ||||
| CVE-2006-6957 | 1 Docebo | 1 Docebo | 2024-11-21 | N/A |
| PHP remote file inclusion vulnerability in addons/mod_media/body.php in Docebo 3.0.3 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[where_framework] parameter. NOTE: this issue might be resultant from a global overwrite vulnerability. This issue is similar to CVE-2006-2576 and CVE-2006-3107, but the vectors are different. | ||||
| CVE-2006-6887 | 1 Logahead | 1 Logahead Unu | 2024-11-21 | N/A |
| Unrestricted file upload vulnerability in logahead UNU 1.0 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors related to plugins/widged/_widged.php (aka the WidgEd plugin), a different vulnerability than CVE-2006-6783. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-6760 | 1 Phpmymanga | 1 Phpmymanga | 2024-11-21 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in template.php in Phpmymanga 0.8.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) actionsPage or (2) formPage parameter. | ||||
| CVE-2006-6748 | 1 Newxooper | 1 Newxooper | 2024-11-21 | N/A |
| PHP remote file inclusion vulnerability in i-accueil.php in Newxooper 0.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the chemin parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-6740 | 1 Phpprofiles | 1 Phpprofiles | 2024-11-21 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in phpProfiles 3.1.2b and earlier allow remote attackers to execute arbitrary PHP code via a URL in the menu parameter to (1) include/body.inc.php or (2) include/body_admin.inc.php; or a URL in the incpath parameter to (3) index.inc.php, (4) account.inc.php, (5) admin_newcomm.inc.php, (6) header_admin.inc.php, (7) header.inc.php, (8) friends.inc.php, (9) menu_u.inc.php, (10) notify.inc.php, (11) body.inc.php, (12) body_admin.inc.php, (13) commrecc.inc.php, (14) do_reg.inc.php, (15) comm_post.inc.php, or (16) menu_v.inc.php in include/, different vectors than CVE-2006-5634. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-6739 | 1 Paristemi | 1 Paristemi | 2024-11-21 | N/A |
| PHP remote file inclusion vulnerability in buycd.php in Paristemi 0.8.3 allows remote attackers to execute arbitrary PHP code via a URL in the HTTP_DOCUMENT_ROOT parameter, a different vector than CVE-2006-6689. | ||||
| CVE-2006-6738 | 1 Cwm-design | 1 Cwmcounter | 2024-11-21 | N/A |
| PHP remote file inclusion vulnerability in statistic.php in cwmCounter 5.1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | ||||
| CVE-2006-6732 | 1 Cwm-design | 1 Cwmvote | 2024-11-21 | N/A |
| PHP remote file inclusion vulnerability in archive.php in cwmVote 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the abs parameter. | ||||
| CVE-2006-6727 | 1 Inertianews | 1 Inertianews | 2024-11-21 | N/A |
| PHP remote file inclusion vulnerability in inertianews_class.php in inertianews 0.02 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. | ||||
| CVE-2006-6726 | 1 Inertianews | 1 Inertianews | 2024-11-21 | N/A |
| PHP remote file inclusion vulnerability in inertianews_main.php in inertianews 0.02 beta allows remote attackers to execute arbitrary PHP code via a URL in the inews_path parameter. | ||||
| CVE-2006-6720 | 1 Azucar Cms | 1 Azucar Cms | 2024-11-21 | N/A |
| PHP remote file inclusion vulnerability in admin/index_sitios.php in Azucar CMS 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the _VIEW parameter. | ||||
| CVE-2006-6710 | 1 Matteolucarelli | 1 Pgmreloaded | 2024-11-21 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in PgmReloaded 0.8.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) lang parameter to (a) index.php, the (2) CFG[libdir] and (3) CFG[localedir] parameters to (b) common.inc.php, and the CFG[localelangdir] parameter to (c) form_header.php. | ||||
| CVE-2006-6689 | 1 Paristemi | 1 Paristemi | 2024-11-21 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Paristemi 0.8.3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the SERVER_DIRECTORY parameter to unspecified scripts, a different vector than CVE-2006-6739. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-6504 | 3 Canonical, Mozilla, Redhat | 4 Ubuntu Linux, Firefox, Seamonkey and 1 more | 2024-11-21 | N/A |
| Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to execute arbitrary code by appending an SVG comment DOM node to another type of document, which triggers memory corruption. | ||||
| CVE-2006-6462 | 1 Cm68 News | 1 Cm68 News | 2024-11-21 | N/A |
| PHP remote file inclusion vulnerability in engine/oldnews.inc.php in CM68 News 12.02.06 allows remote attackers to execute arbitrary PHP code via a URL in the addpath parameter. | ||||
| CVE-2006-6212 | 1 Webwiz | 1 Site News | 2024-11-21 | N/A |
| PHP remote file inclusion vulnerability in centre.php in Site News (site_news) 2.00, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-6086 | 1 E-ark | 1 E-ark | 2024-11-21 | N/A |
| PHP remote file inclusion vulnerability in src/ark_inc.php in e-Ark 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the cfg_pear_path parameter. | ||||
| CVE-2006-6041 | 1 Laurent Van Den Reysen | 1 Work System E-commerce | 2024-11-21 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Laurent Van den Reysen WORK system e-commerce 3.0.2, and other versions before 3.0.4, allow remote attackers to execute arbitrary PHP code via a URL in the g_include parameter to (1) index.php, (2) module/forum/forum.php, (3) unspecified files under module/, and (4) unspecified files under administration/module/. | ||||
| CVE-2006-5865 | 1 Damien Benier | 1 Myalbum | 2024-11-21 | N/A |
| PHP remote file inclusion vulnerability in language.inc.php in MyAlbum 3.02 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the langs_dir parameter. | ||||