GoLd_M

171 exploits; active since Jul 2005
CVE-2007-6322 EXPLOITDB text WORKING POC
xml2owl 0.1.1 - Path Traversal via File Parameter
Directory traversal vulnerability in filedownload.php in xml2owl 0.1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
CVE-2007-3057 EXPLOITDB html WORKING POC
XOOPS icontent_module 4.5 - Remote File Inclusion via spaw_root Parameter
PHP remote file inclusion vulnerability in include/wysiwyg/spaw_control.class.php in the icontent 4.5 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656.
CVE-2007-2091 EXPLOITDB text WRITEUP
tsdisplay4xoops 0.1 - Remote Code Execution via xoops_url Parameter
PHP remote file inclusion vulnerability in blocks/tsdisplay4xoops_block2.php in tsdisplay4xoops (TSD4XOOPS, aka the TeamSpeak display module) 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the xoops_url parameter.
CVE-2008-0813 EXPLOITDB text WORKING POC
XPWeb 3.0.1, 3.3.2 - Path Traversal via Download.php url Parameter
Directory traversal vulnerability in Download.php in XPWeb 3.0.1, 3.3.2, and possibly other versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter.
CVE-2007-3289 EXPLOITDB text WRITEUP
WiwiMod 0.4 for XOOPS - Remote File Inclusion via spaw_root Parameter
PHP remote file inclusion vulnerability in spaw/spaw_control.class.php in the WiwiMod 0.4 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656.
CVE-2007-6369 EXPLOITDB text WORKING POC
PictPress < 0.91 - Path Traversal via Size or Path Parameter
Multiple directory traversal vulnerabilities in resize.php in the PictPress 0.91 and earlier plugin for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) size or (2) path parameter.
CVE-2008-5752 EXPLOITDB text WORKING POC
Page Flip Image Gallery < 0.2.2 - Path Traversal
Directory traversal vulnerability in getConfig.php in the Page Flip Image Gallery plugin 0.2.2 and earlier for WordPress, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the book_id parameter. NOTE: some of these details are obtained from third party information.
CVE-2007-2570 EXPLOITDB text WRITEUP
Wikivi5 - Remote File Inclusion via sous_rep Parameter
PHP remote file inclusion vulnerability in handlers/page/show.php in Wikivi5 allows remote attackers to execute arbitrary PHP code via a URL in the sous_rep parameter.
CVE-2007-2426 EXPLOITDB text WRITEUP
myGallery < 1.4b4 - Remote File Inclusion via myPath Parameter
PHP remote file inclusion vulnerability in myfunctions/mygallerybrowser.php in the myGallery 1.4b4 and earlier plugin for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the myPath parameter.
CVE-2008-6002 EXPLOITDB text WRITEUP
web-cp 0.5.7 - Path Traversal via sendfile.php filelocation Parameter
Absolute path traversal vulnerability in sendfile.php in web-cp 0.5.7, when register_globals is enabled, allows remote attackers to read arbitrary files via a full pathname in the filelocation parameter.
CVE-2007-6213 EXPLOITDB text WORKING POC
WebED 0.0.9 - Path Traversal via Root and Path Parameters
Multiple directory traversal vulnerabilities in mod/chat/index.php in WebED 0.0.9 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) Root and (2) Path parameters.
CVE-2007-0585 EXPLOITDB text WORKING POC
webfwlog < 0.92 - Remote Source Code Disclosure via conffile Parameter
include/debug.php in Webfwlog 0.92 and earlier, when register_globals is enabled, allows remote attackers to obtain source code of files via the conffile parameter. NOTE: some of these details are obtained from third party information. It is likely that this issue can be exploited to conduct directory traversal attacks.
CVE-2007-2307 EXPLOITDB text WRITEUP
WebKalk2 1.9.0 - Remote File Inclusion via Absolute Path Parameter
PHP remote file inclusion vulnerability in engine/engine.inc.php in WebKalk2 1.9.0 allows remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter.
EIP-2026-113340 EXPLOITDB text WORKING POC
WebPortal CMS 0.7.4 - 'code' Remote Code Execution
CVE-2007-0591 EXPLOITDB text WRITEUP
Vu Le An Virtual Path 1.0 - Remote File Inclusion via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in configure.php in Vu Le An Virtual Path (VirtualPath) 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2007-2934 EXPLOITDB text WORKING POC
Vistered Little < 1.6a - Path Traversal
Directory traversal vulnerability in skins/common.css.php in Vistered Little 1.6a allows remote attackers to read arbitrary files via a .. (dot dot) in the skin parameter.
CVE-2007-2067 EXPLOITDB text WRITEUP
Marco Antonio Islas Cruz WebSlider 0.6 - RCE
Multiple PHP remote file inclusion vulnerabilities in Marco Antonio Islas Cruz Web Slider (WebSlider) 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) index.php, (2) modules/pdf.php, (3) plugins/highlight.php, or (4) include/modules.php.
CVE-2008-6139 EXPLOITDB text WRITEUP
WebBiscuits Modules Controller 1.1 - Path Traversal
Directory traversal vulnerability in faqsupport/wce.download.php in WebBiscuits Modules Controller 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the download parameter.
CVE-2007-0703 EXPLOITDB text WORKING POC
WebBuilder < 2.0 - Remote File Inclusion via GLOBALS[core][module_path] Parameter
PHP remote file inclusion vulnerability in library/StageLoader.php in WebBuilder 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[core][module_path] parameter.
CVE-2007-5628 EXPLOITDB text WORKING POC
The Online Web Library Site (TOWels) 0.1 - Remote Code Execution via pageHeaderFile Parameter
PHP remote file inclusion vulnerability in src/scripture.php in The Online Web Library Site (TOWels) 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the pageHeaderFile parameter.
CVE-2009-3151 EXPLOITDB text WORKING POC
Ultrize TimeSheet 1.2.2 - Path Traversal via File Download Parameter
Directory traversal vulnerability in actions/downloadFile.php in Ultrize TimeSheet 1.2.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName parameter.
CVE-2008-4894 EXPLOITDB text WORKING POC
Tribiq CMS 5.0.10a and 5.0.12c - Remote File Inclusion via Template Path Parameter
Directory traversal vulnerability in templates/mytribiqsite/tribal-GPL-1066/includes/header.inc.php in Tribiq CMS 5.0.10a, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the template_path parameter. NOTE: it was later reported that this issue also affects 5.0.12c.
CVE-2007-0359 EXPLOITDB text WRITEUP
Uberghey CMS 0.3.1 - Remote File Inclusion via frontpage.php setup_folder Parameter
PHP remote file inclusion vulnerability in frontpage.php in Uberghey CMS 0.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the setup_folder parameter.
CVE-2007-2271 EXPLOITDB text WORKING POC
USP FOSS Distribution 1.01 - Directory Traversal via dnld Parameter
Directory traversal vulnerability in Rajneel Lal TotaRam USP FOSS Distribution 1.01 allows remote attackers to read arbitrary files via a .. (dot dot) in the dnld parameter.
EIP-2026-112854 EXPLOITDB text WORKING POC
Uebimiau Web-Mail 3.2.0-1.8 - Remote File / Overwrite