IR4DEX GROUP

3 exploits Active since May 2006
CVE-2006-3162 EXPLOITDB text WORKING POC
SmartSiteCMS < 1.0 - Remote File Inclusion via root Parameter
PHP remote file inclusion vulnerability in include/inc_foot.php in SmartSiteCMS 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter.
CVE-2006-3421 EXPLOITDB text WORKING POC
SmartSiteCMS < 1.0 - Remote File Inclusion via Root Parameter
PHP remote file inclusion vulnerability in SmartSiteCMS 1.0 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the root parameter in (1) comment.php, (2) admin/comedit.php, (3) admin/test.php, (4) admin/index.php, and (5) admin/include/inc_adminfoot.php, a different set of vectors than CVE-2006-3162.
CVE-2006-2361 EXPLOITDB text WORKING POC
mxbb_portal - Remote File Inclusion via module_root_path Parameter
PHP remote file inclusion vulnerability in pafiledb_constants.php in Download Manager (mxBB pafiledb) integration, as used with phpBB, allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter.