Total
3303 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1405 | 1 Fuzzylime | 1 Fuzzylime | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in code/display.php in fuzzylime (cms) 3.01 allows remote attackers to execute arbitrary PHP code via a URL in the admindir parameter. | |||||
| CVE-2008-1126 | 1 Barryvan Compo | 1 Barryvan Compo Manager | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in main.php in Barryvan Compo Manager 0.3 allows remote attackers to execute arbitrary PHP code via a URL in the pageURL parameter. | |||||
| CVE-2008-1124 | 1 Podcast Generator | 1 Podcast Generator | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Podcast Generator 1.0 BETA 2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absoluteurl parameter to (1) components/xmlparser/loadparser.php; (2) admin.php, (3) categories.php, (4) categories_add.php, (5) categories_remove.php, (6) edit.php, (7) editdel.php, (8) ftpfeature.php, (9) login.php, (10) pgRSSnews.php, (11) showcat.php, and (12) upload.php in core/admin/; and (13) archive_cat.php, (14) archive_nocat.php, and (15) recent_list.php in core/. | |||||
| CVE-2008-1123 | 1 Sitebuilder | 1 Sitebuilder Elite | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in SiteBuilder Elite 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the CarpPath parameter to (1) files/carprss.php and (2) files/amazon-bestsellers.php. | |||||
| CVE-2008-1074 | 1 Group E | 1 Group E | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in lib/head_auth.php in GROUP-E 1.6.41 allows remote attackers to execute arbitrary PHP code via a URL in the CFG[PREPEND_FILE] parameter. | |||||
| CVE-2008-1069 | 1 Quantum Game Library | 1 Quantum Game Library | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Quantum Game Library 0.7.2c allow remote attackers to execute arbitrary PHP code via a URL in the CONFIG[gameroot] parameter to (1) server_request.php and (2) qlib/smarty.inc.php. | |||||
| CVE-2008-1068 | 1 Portail Web Php | 1 Portail Web Php | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Portail Web Php 2.5.1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the site_path parameter to (1) Vert/index.php, (2) Noir/index.php, and (3) Bleu/index.php in template/, different vectors than CVE-2008-0645. | |||||
| CVE-2008-1067 | 1 Phpqladmin | 1 Phpqladmin | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in phpQLAdmin 2.2.7 allow remote attackers to execute arbitrary PHP code via a URL in the _SESSION[path] parameter to (1) ezmlm.php and (2) tools/update_translations.php. | |||||
| CVE-2008-1051 | 1 Phpprofiles | 1 Phpprofiles | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in include/body_comm.inc.php in phpProfiles 4.5.2 BETA allows remote attackers to execute arbitrary PHP code via a URL in the content parameter. | |||||
| CVE-2008-1046 | 1 Quinsonnas | 1 Quinsonnas Mail Checker | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in footer.php in Quinsonnas Mail Checker 1.55 allows remote attackers to execute arbitrary PHP code via a URL in the op[footer_body] parameter. | |||||
| CVE-2008-1038 | 1 Drbenhur.com | 1 Dbhcms | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in mod/mod.extmanager.php in DBHcms 1.1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the extmanager_install parameter. | |||||
| CVE-2008-0804 | 1 Thecus | 1 N5200pro Nas Server Control Panel | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in usrgetform.html in Thecus N5200Pro NAS Server allows remote attackers to execute arbitrary PHP code via a URL in the name parameter. | |||||
| CVE-2008-0803 | 1 Lookstrike | 1 Lan Manager | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in LookStrike Lan Manager 0.9 allow remote attackers to execute arbitrary PHP code via a URL in the sys_conf[path][real] parameter to (1) modules\class\Table.php; (2) db_admins.php, (3) db_alert.php, (4) db_double.php, (5) db_games.php, (6) db_matches.php, (7) db_match_teams.php, (8) db_news.php, (9) db_platform.php, (10) db_players.php, (11) db_server_group.php, (12) db_server_ip.php, (13) db_teams.php, (14) db_team_players.php, (15) db_tournaments.php, (16) db_tournament_teams.php, and (17) db_trees.php in modules\class\db\; and (18) Match.php, (19) MatchTeam.php, (20) Rule.php, (21) RuleBuilder.php, (22) RulePool.php, (23) RuleSingle.php, (24) RuleTree.php, (25) Tournament.php, (26) TournamentTeam.php, (27) Tree.php, and (28) TreeSingle.php in modules\class\tournament\. NOTE: this can also be leveraged to include and execute arbitrary local files via directory traversal sequences. | |||||
| CVE-2008-0648 | 1 Opensiteadmin | 1 Opensiteadmin | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in OpenSiteAdmin 0.9.1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) indexFooter.php; and (2) DatabaseManager.php, (3) FieldManager.php, (4) Filter.php, (5) Form.php, (6) FormManager.php, (7) LoginManager.php, and (8) Filters/SingleFilter.php in scripts/classes/. | |||||
| CVE-2008-0572 | 1 Mindmeld | 1 Mindmeld | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Mindmeld 1.2.0.10 allow remote attackers to execute arbitrary PHP code via a URL in the MM_GLOBALS[home] parameter to (1) acweb/admin_index.php; and (2) ask.inc.php, (3) learn.inc.php, (4) manage.inc.php, (5) mind.inc.php, and (6) sensory.inc.php in include/. | |||||
| CVE-2008-0567 | 1 Chronoengine | 1 Chronoforms | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in ChronoEngine ChronoForms (com_chronocontact) 2.3.5 component for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) PPS/File.php, (2) Writer.php, and (3) PPS.php in excelwriter/; and (4) BIFFwriter.php, (5) Workbook.php, (6) Worksheet.php, and (7) Format.php in excelwriter/Writer/. | |||||
| CVE-2008-0566 | 1 Deltascripts | 1 Php Links | 2017-09-29 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in includes/smarty.php in DeltaScripts PHP Links 1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the full_path_to_public_program parameter. | |||||
| CVE-2008-0551 | 2 Microsoft, Sejoong Namo | 2 Activex, Activesquare | 2017-09-29 | 9.3 HIGH | N/A |
| The NamoInstaller.NamoInstall.1 ActiveX control in NamoInstaller.dll 3.0.0.1 and earlier in Namo Web Editor in Sejoong Namo ActiveSquare 6 allows remote attackers to execute arbitrary code via a URL in the argument to the Install method. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0503 | 1 Netwerk | 1 Smart Publisher | 2017-09-29 | 6.8 MEDIUM | N/A |
| Eval injection vulnerability in admin/op/disp.php in Netwerk Smart Publisher 1.0.1 allows remote attackers to execute arbitrary PHP code via the filedata parameter. | |||||
| CVE-2008-0502 | 1 Connectix | 1 Connectix Boards | 2017-09-29 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in templates/Official/part_userprofile.php in Connectix Boards 0.8.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the template_path parameter. | |||||