Vulnerabilities (CVE)

Filtered by vendor E-ark Subscribe
Filtered by product E-ark
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-6086 1 E-ark 1 E-ark 2024-02-04 5.1 MEDIUM N/A
PHP remote file inclusion vulnerability in src/ark_inc.php in e-Ark 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the cfg_pear_path parameter.
CVE-2007-5216 1 E-ark 1 E-ark 2024-02-04 6.8 MEDIUM N/A
Multiple PHP remote file inclusion vulnerabilities in eArk (e-Ark) 1.0 allow remote attackers to execute arbitrary PHP code via a URL in (1) the cfg_vcard_path parameter to src/vcard_inc.php or (2) the cfg_phpmailer_path parameter to src/email_inc.php. NOTE: the ark_inc.php vector is already covered by CVE-2006-6086.