Kw3[R]Ln

45 exploits, active since Jun 2006
CVE-2007-6566 EXPLOITDB perl WORKING POC
XZero Community Classifieds <4.95.11 - SQL Injection
SQL injection vulnerability in post.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to execute arbitrary SQL commands via the subcatid parameter to index.php.
CVE-2007-3530 EXPLOITDB text WORKING POC
PHPDirector <0.21 - Info Disclosure
PHPDirector 0.21 and earlier stores the admin account name and password in config.php, which allows local users to gain privileges by reading this file.
CVE-2007-3529 EXPLOITDB text WORKING POC
PHPDirector <0.21 - Info Disclosure
videos.php in PHPDirector 0.21 and earlier allows remote attackers to obtain sensitive information via an empty value of the id[] parameter, which reveals the path in an error message.
CVE-2006-5419 EXPLOITDB text WRITEUP
University of Glasgow SID - RCE
PHP remote file inclusion vulnerability in client.php in University of Glasgow Specimen Image Database (SID), when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter.
CVE-2006-4656 EXPLOITDB text WRITEUP
Web Provence SL_Site <1.0 - RCE
PHP remote file inclusion vulnerability in admin/editeur/spaw_control.class.php in Web Provence SL_Site 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: CVE analysis suggests that this issue is actually in a third party product, SPAW Editor PHP Edition.
CVE-2007-6567 EXPLOITDB perl WORKING POC
XZero Community Classifieds <4.95.11 - Path Traversal
Directory traversal vulnerability in index.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pagename parameter in a page view action.
CVE-2007-6568 EXPLOITDB text WORKING POC
XZero Community Classifieds <4.95.11 - RCE
PHP remote file inclusion vulnerability in config.inc.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path_escape parameter.
CVE-2007-0098 EXPLOITDB perl WORKING POC
VerliAdmin <0.3 - Path Traversal
Directory traversal vulnerability in language.php in VerliAdmin 0.3 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by language.php.
CVE-2006-3269 EXPLOITDB text WORKING POC
THoRCMS 1.3.1 - RCE
PHP remote file inclusion vulnerability in includes/functions_cms.php in THoRCMS 1.3.1 allows remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter.
CVE-2006-5562 EXPLOITDB perl WORKING POC
SourceForge (alexandria) 1.0.4 - RCE
PHP remote file inclusion vulnerability in include/database.php in SourceForge (aka alexandria) 1.0.4 allows remote attackers to execute arbitrary PHP code via the sys_dbtype parameter.
CVE-2008-7152 EXPLOITDB text WRITEUP
Specimen Image Database - RCE
Multiple PHP remote file inclusion vulnerabilities in Specimen Image Database (SID), when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the dir parameter to (1) client.php or (2) taxonservice.php.
CVE-2006-5291 EXPLOITDB text WRITEUP
Alex Downloadengine - Code Injection
PHP remote file inclusion vulnerability in admin/includes/spaw/spaw_control.class.php in Download-Engine 1.4.2 allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: CVE analysis suggests that this issue is actually in a third party product, SPAW Editor PHP Edition, so this issue is probably a duplicate of CVE-2006-4656.
CVE-2006-5518 EXPLOITDB python WORKING POC
RSSonate - RCE
Multiple PHP remote file inclusion vulnerabilities in Christopher Fowler (Rhode Island) RSSonate allow remote attackers to execute arbitrary PHP code via a URL in the PROJECT_ROOT parameter to (1) xml2rss.php, (2) config_local.php, (3) rssonate.php, and (4) sql2xml.php in Src/getFeed/inc/.
CVE-2007-3358 EXPLOITDB perl WORKING POC
SerWeb <0.9.6 - RCE
PHP remote file inclusion vulnerability in html/load_lang.php in SerWeb 0.9.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _SERWEB[serwebdir] parameter.
CVE-2007-3371 EXPLOITDB perl WORKING POC
Powl 0.94 - RCE
PHP remote file inclusion vulnerability in plugins/widgets/htmledit/htmledit.php in Powl 0.94 allows remote attackers to execute arbitrary PHP code via a URL in the _POWL[installPath] parameter.
CVE-2006-4664 EXPLOITDB text WRITEUP
Premod Shadow <2.7.1 - RCE
PHP remote file inclusion vulnerability in includes/functions_portal.php in Premod Shadow 2.7.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-7132 EXPLOITDB perl WORKING POC
Cynux Softwares PHPMyDesk - Path Traversal
Directory traversal vulnerability in pmd-config.php in PHPMyDesk 1.0beta allows remote attackers to include arbitrary local files via the pmdlang parameter to viewticket.php.
CVE-2007-3562 EXPLOITDB text WORKING POC
PHP Director <0.21 - SQL Injection
SQL injection vulnerability in videos.php in PHP Director 0.21 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2006-5191 EXPLOITDB text WRITEUP
phpBB <1.0 - RCE
PHP remote file inclusion vulnerability in includes/functions_static_topics.php in the Nivisec Static Topics module for phpBB 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
EIP-2026-110587 EXPLOITDB text WRITEUP
PHlyMail Lite 3.4.4 - 'folderprops.php' Remote File Inclusion (2)
CVE-2006-6631 EXPLOITDB text WRITEUP
PHP <1.0 - RCE
PHP remote file inclusion vulnerability in lib/xml/oai/GetRecord.php in osprey 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the lib_dir parameter.
CVE-2006-5386 EXPLOITDB text WRITEUP
NuralStorm Webmail <0.98b - RCE
PHP remote file inclusion vulnerability in process.php in NuralStorm Webmail 0.98b and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the DEFAULT_SKIN parameter.
CVE-2006-3478 EXPLOITDB text WORKING POC
MyPHP CMS <0.3 - RCE
PHP remote file inclusion vulnerability in styles/default/global_header.php in MyPHP CMS 0.3 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the domain parameter.
CVE-2006-7156 EXPLOITDB text WORKING POC
Keyword Replacer <1.0 - RCE
PHP remote file inclusion vulnerability in addon_keywords.php in Keyword Replacer (keyword_replacer) 1.0 and earlier, a module for miniBB, allows remote attackers to execute arbitrary PHP code via a URL in the pathToFiles parameter.
CVE-2006-3294 EXPLOITDB text WRITEUP
CBSMS Mambo Module <1.0 - RCE
PHP remote file inclusion vulnerability in mod_cbsms_messages.php in CBSMS Mambo Module 1.0 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.