Total
3562 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-3303 | 1 Apache | 1 Http Server | 2024-02-04 | 4.9 MEDIUM | N/A |
| Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by killing all worker processes and preventing creation of replacements or (2) hang the system by forcing the master process to fork an arbitrarily large number of worker processes. NOTE: This might be an inherent design limitation of Apache with respect to worker processes in hosted environments. | |||||
| CVE-2007-6348 | 1 Squirrelmail | 1 Squirrelmail | 2024-02-04 | 6.8 MEDIUM | N/A |
| SquirrelMail 1.4.11 and 1.4.12, as distributed on sourceforge.net before 20071213, has been externally modified to create a Trojan Horse that introduces a PHP remote file inclusion vulnerability, which allows remote attackers to execute arbitrary code. | |||||
| CVE-2006-6962 | 1 Joomla | 1 Rs Gallery2 | 2024-02-04 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in rsgallery2.html.php in the RS Gallery2 component (com_rsgallery2) 1.11.2 for Joomla! allows attackers to execute arbitrary PHP code via the mosConfig_absolute_path parameter. NOTE: this issue may overlap CVE-2006-5047. | |||||
| CVE-2007-4712 | 1 Enetman | 1 Enetman | 2024-02-04 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in eNetman 1 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. | |||||
| CVE-2008-0283 | 1 Domphp | 1 Domphp | 2024-02-04 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in /aides/index.php in DomPHP 0.81 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. | |||||
| CVE-2007-0699 | 1 Portail Web Php | 1 Portail Web Php | 2024-02-04 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/includes.php in Guernion Sylvain Portail Web Php (aka Gsylvain35 Portail Web, PwP) before 2.5.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the site_path parameter. | |||||
| CVE-2006-4844 | 2 Claroline, Dokeos | 2 Claroline, Open Source Learning And Knowledge Management Tool | 2024-02-04 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in inc/claro_init_local.inc.php in Claroline 1.7.7 and earlier, as used in Dokeos and possibly other products, allows remote attackers to execute arbitrary PHP code via a URL in the extAuthSource[newUser] parameter. | |||||
| CVE-2007-4923 | 1 Joomla | 1 Joomla Radio | 2024-02-04 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in admin.joomlaradiov5.php in the Joomla Radio 5 (com_joomlaradiov5) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. | |||||
| CVE-2008-1123 | 1 Sitebuilder | 1 Sitebuilder Elite | 2024-02-04 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in SiteBuilder Elite 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the CarpPath parameter to (1) files/carprss.php and (2) files/amazon-bestsellers.php. | |||||
| CVE-2007-6485 | 1 Centreon | 1 Centreon | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Centreon 1.4.1 (aka Oreon 1.4) allow remote attackers to execute arbitrary PHP code via a URL in the fileOreonConf parameter to (1) MakeXML.php or (2) MakeXML4statusCounter.php in include/monitoring/engine/. | |||||
| CVE-2006-7106 | 1 Powerphlogger | 1 Powerphlogger | 2024-02-04 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in config.inc.php3 in Power Phlogger 2.0.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rel_path parameter. | |||||
| CVE-2007-5314 | 1 Xkiosk | 1 Xkiosk Web | 2024-02-04 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in system/funcs/xkurl.php in xKiosk WEB 3.0.1i, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the PEARPATH parameter. | |||||
| CVE-2007-6550 | 1 Pmos Helpdesk | 1 Pmos Helpdesk | 2024-02-04 | 7.5 HIGH | N/A |
| form.php in PMOS Help Desk 2.4 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct eval injection attacks and execute arbitrary PHP code via the options array parameter. | |||||
| CVE-2008-0516 | 1 Sqlite Manager | 1 Sqlite Manager | 2024-02-04 | 9.3 HIGH | N/A |
| PHP remote file inclusion vulnerability in spaw/dialogs/confirm.php in SQLiteManager 1.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-1060 | 1 Wordpress | 1 Sniplets Plugin | 2024-02-04 | 7.5 HIGH | N/A |
| Eval injection vulnerability in modules/execute.php in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allows remote attackers to execute arbitrary PHP code via the text parameter. | |||||
| CVE-2007-1078 | 1 Flashgamescript | 1 Flashgamescript | 2024-02-04 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in FlashGameScript 1.5.4 allows remote attackers to execute arbitrary PHP code via a URL in the func parameter. | |||||
| CVE-2007-5840 | 1 Syndeocms | 1 Syndeocms | 2024-02-04 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in starnet/themes/c-sky/main.inc.php in Fred Stuurman SyndeoCMS 2.5.01 allows remote attackers to execute arbitrary PHP code via a URL in the cmsdir parameter, a different vector than CVE-2006-4920.2. | |||||
| CVE-2007-5599 | 1 Awrate | 1 Awrate | 2024-02-04 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in awrate 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the toroot parameter to (1) 404.php or (2) topbar.php, different vectors than CVE-2006-6368. | |||||
| CVE-2007-5315 | 1 Softpedia | 1 Livealbum | 2024-02-04 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in common.php in LiveAlbum 0.9.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the livealbum_dir parameter. | |||||
| CVE-2008-1170 | 1 Kcwiki | 1 Kcwiki | 2024-02-04 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in KCWiki 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the page parameter to (1) minimal/wiki.php and (2) simplest/wiki.php. | |||||