Cyber Security

5 exploits Active since Mar 2007
EIP-2026-112641 EXPLOITDB text WRITEUP
The Search Engine Project 0.942 - 'Configfunction.php' Remote File Inclusion
CVE-2006-7184 EXPLOITDB text WRITEUP
Exhibit Engine < 1.22 - Remote File Inclusion via toroot Parameter
Multiple PHP remote file inclusion vulnerabilities in Exhibit Engine (EE) 1.22, and possibly earlier, allow remote attackers to execute arbitrary PHP code via a URL in the toroot parameter to (1) fetchsettings.php or (2) fstyles.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-7184 EXPLOITDB text WRITEUP
Exhibit Engine < 1.22 - Remote File Inclusion via toroot Parameter
Multiple PHP remote file inclusion vulnerabilities in Exhibit Engine (EE) 1.22, and possibly earlier, allow remote attackers to execute arbitrary PHP code via a URL in the toroot parameter to (1) fetchsettings.php or (2) fstyles.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-2064 EXPLOITDB text WRITEUP
Robert Ladstaetter ActionPoll 1.1.0-1.1.1 - RCE
Multiple PHP remote file inclusion vulnerabilities in Robert Ladstaetter ActionPoll 1.1.0, and possibly 1.1.1, allow remote attackers to execute arbitrary PHP code via a URL in (1) the CONFIG_POLLDB parameter to actionpoll.php or (2) the CONFIG_DB parameter to db/DataReaderWriter.php, different vectors than CVE-2001-1297.
CVE-2007-2065 EXPLOITDB text WRITEUP
Robert Ladstaetter ActionPoll 1.1.1 - RCE
PHP remote file inclusion vulnerability in db/PollDB.php in Robert Ladstaetter ActionPoll 1.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG_DATAREADERWRITER parameter, a different vector than CVE-2001-1297. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.