Total
5290 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-2575 | 1 Vm Watermark | 1 Vm Watermark | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in watermark.php in the vm (aka Jean-Francois Laflamme) watermark 0.4.1 mod for Gallery allows remote attackers to execute arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter. | ||||
| CVE-2008-6221 | 2 Dadamailproject, Joomla | 2 Dada Mail Manager, Joomla | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in config.dadamail.php in the Dada Mail Manager (com_dadamail) component 2.6 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_absolute_path] parameter. | ||||
| CVE-2006-6975 | 1 Centipaid | 1 Centipaid | 2025-04-09 | 9.8 Critical |
| PHP remote file inclusion vulnerability in centipaid_class.php in CentiPaid 1.4.3 allows remote attackers to execute arbitrary code via a URL in the class_pwd parameter. NOTE: this issue has been disputed by CVE and multiple third parties, who state that $class_pwd is set to a static value before the relevant include statement | ||||
| CVE-2007-2521 | 1 E-gads | 1 E-gads | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in common.php in E-GADS! before 2.2.7 allows remote attackers to execute arbitrary PHP code via a URL in the locale parameter. | ||||
| CVE-2008-6223 | 1 Wotw | 1 Way Of The Warrior | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in visualizza.php in Way Of The Warrior (WOTW) 5.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the plancia parameter to crea.php. | ||||
| CVE-2008-3949 | 1 Suse | 1 Suse Linux | 2025-04-09 | N/A |
| emacs/lisp/progmodes/python.el in Emacs 22.1 and 22.2 imports Python script from the current working directory during editing of a Python file, which allows local users to execute arbitrary code via a Trojan horse Python file. | ||||
| CVE-2007-2428 | 1 Ahhp-portal | 1 Ahhp-portal | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in page.php in Ahhp-Portal allow remote attackers to execute arbitrary PHP code via a URL in the (1) fp or (2) sc parameter. | ||||
| CVE-2008-4024 | 1 Microsoft | 8 Office, Office Compatibility Pack For Word Excel Ppt 2007, Office Outlook and 5 more | 2025-04-09 | N/A |
| Microsoft Office Word 2000 SP3 and 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a Word document with a crafted lcbPlcfBkfSdt field in the File Information Block (FIB), which bypasses an initialization step and triggers an "arbitrary free," aka "Word Memory Corruption Vulnerability." | ||||
| CVE-2008-6287 | 1 Getmiro | 1 Broadcast Machine | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Broadcast Machine 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to (1) MySQLController.php, (2) SQLController.php, (3) SetupController.php, (4) VideoController.php, and (5) ViewController.php in controllers/. | ||||
| CVE-2008-6318 | 1 Phpmygallery | 1 Phpmygallery | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in _conf/_php-core/common-tpl-vars.php in PHPmyGallery 1.5 beta allows remote attackers to execute arbitrary PHP code via a URL in the admindir parameter, a different vector than CVE-2008-6317. | ||||
| CVE-2008-4134 | 1 Phprealty | 1 Phprealty | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in manager/static/view.php in phpRealty 0.03 and earlier, and possibly other versions before 0.05, allows remote attackers to execute arbitrary PHP code via a URL in the INC parameter. | ||||
| CVE-2008-4141 | 1 X10media | 1 .x10 Automatic Mp3 Script | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in x10Media x10 Automatic MP3 Script 1.5.5 allow remote attackers to execute arbitrary PHP code via a URL in the web_root parameter to (1) includes/function_core.php and (2) templates/layout_lyrics.php. | ||||
| CVE-2008-6403 | 1 Openrat | 1 Openrat | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in themes/default/include/html/insert.inc.php in OpenRat 0.8-beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the tpl_dir parameter. | ||||
| CVE-2008-4305 | 1 Php-collab | 1 Php-collab | 2025-04-09 | N/A |
| Static code injection vulnerability in installation/setup.php in phpCollab 2.5 rc3 and earlier allows remote authenticated administrators to inject arbitrary PHP code into include/settings.php via the URI. | ||||
| CVE-2008-4385 | 1 Systemrequirementslab | 1 System Requirements Lab | 2025-04-09 | N/A |
| Husdawg, LLC Systems Requirements Lab 3, as used by Instant Expert Analysis, allows remote attackers to force the download and execution of arbitrary programs via by specifiying a malicious website argument to the Init method in (1) a certain ActiveX control (sysreqlab2.cab, sysreqlab.dll, sysreqlabsli.dll, or sysreqlab2.dll) and (2) a certain Java applet in RLApplet.class in sysreqlab2.jar or sysreqlab.jar. | ||||
| CVE-2008-6482 | 2 Joomla, Justjoomla | 2 Joomla, Com Treeg | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in admin.treeg.php in the Flash Tree Gallery (com_treeg) component 1.0 for Joomla!, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the mosConfig_live_site parameter. | ||||
| CVE-2008-6486 | 1 Shatm | 1 Sharedlog | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in slideshow_uploadvideo.content.php in SharedLog, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[root_dir] parameter. | ||||
| CVE-2008-4529 | 1 Asicms | 1 Asicms | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in asiCMS alpha 0.208 allow remote attackers to execute arbitrary PHP code via a URL in the _ENV[asicms][path] parameter to (1) Association.php, (2) BigMath.php, (3) DiffieHellman.php, (4) DumbStore.php, (5) Extension.php, (6) FileStore.php, (7) HMAC.php, (8) MemcachedStore.php, (9) Message.php, (10) Nonce.php, (11) SQLStore.php, (12) SReg.php, (13) TrustRoot.php, and (14) URINorm.php in classes/Auth/OpenID/; and (15) XRDS.php, (16) XRI.php and (17) XRIRes.php in classes/Auth/Yadis/. | ||||
| CVE-2008-6513 | 1 Aphpkb | 1 Aphpkb | 2025-04-09 | N/A |
| Unrestricted file upload vulnerability in saa.php in Andy's PHP Knowledgebase (aphpkb) 0.92.9 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a link that is listed by authors.php. | ||||
| CVE-2007-2340 | 1 Phporacleview | 1 Phporacleview | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in inc/include_all.inc.php in phporacleview allow remote attackers to execute arbitrary PHP code via a URL in the (1) page_dir or (2) inc_dir parameters. | ||||