Mahmood_ali

69 exploits Active since Jul 2005
CVE-2007-0307 EXPLOITDB text WRITEUP
Poplar Gedcom Viewer < 2.0 - Remote File Inclusion via env[rootPath] Parameter
PHP remote file inclusion vulnerability in include/common.php in Poplar Gedcom Viewer 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the env[rootPath] parameter.
CVE-2007-2594 EXPLOITDB html WORKING POC
phpmyportal 3.0.0 RC3 - Remote File Inclusion via GLOBALS[CHEMINMODULES] Parameter
PHP remote file inclusion vulnerability in inc/articles.inc.php in phpMyPortal 3.0.0 RC3 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[CHEMINMODULES] parameter.
CVE-2007-2199 EXPLOITDB text WORKING POC
CJG EXPLORER PRO 3.3 - Remote Code Execution via g_pcltar_lib_dir Parameter
PHP remote file inclusion vulnerability in lib/pcltar.lib.php (aka pcltar.php) in the PclTar module 1.3 and 1.3.1 for Vincent Blavet PhpConcept Library, as used in multiple products including (1) Joomla! 1.5.0 Beta, (2) N/X Web Content Management System (WCMS) 4.5, (3) CJG EXPLORER PRO 3.3, and (4) phpSiteBackup 0.1, allows remote attackers to execute arbitrary PHP code via a URL in the g_pcltar_lib_dir parameter.
CVE-2007-0571 EXPLOITDB text WORKING POC
phpmyreports 3.0.11 - Remote File Inclusion via cfgPathModule Parameter
PHP remote file inclusion vulnerability in include/lib/lib_head.php in phpMyReports 3.0.11 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cfgPathModule parameter.
CVE-2007-2615 EXPLOITDB text WRITEUP
Crie seu PHPLojaFacil 0.1.5 - Remote File Inclusion via path_local Parameter
Multiple PHP remote file inclusion vulnerabilities in Crie seu PHPLojaFacil 0.1.5 allow remote attackers to execute arbitrary PHP code via a URL in the path_local parameter to (1) ftp.php, (2) libs/db.php, and (3) libs/ftp.php.
CVE-2007-2677 EXPLOITDB text WRITEUP
phpChess Community Edition 2.0 - RCE
Multiple PHP remote file inclusion vulnerabilities in phpChess Community Edition 2.0 allow remote attackers to execute arbitrary PHP code via a URL in (1) the config parameter to includes/language.php, or the Root_Path parameter to (2) layout_admin_cfg.php, (3) layout_cfg.php, or (4) layout_t_top.php in skins/phpchess/. NOTE: vector 1 has been disputed by CVE, since the code is defined within a function that is not called from within includes/language.php.
CVE-2007-4636 EXPLOITDB text WORKING POC
phpBG 0.9.1 - Remote File Inclusion via rootdir Parameter
Multiple PHP remote file inclusion vulnerabilities in phpBG 0.9.1 allow remote attackers to execute arbitrary PHP code via a URL in the rootdir parameter to (1) intern/admin/other/backup.php, (2) intern/admin/, (3) intern/clan/member_add.php, (4) intern/config/key_2.php, or (5) intern/config/forum.php.
CVE-2007-1633 EXPLOITDB perl WORKING POC
Splatt Forum 4.0 RC1 - Remote File Inclusion via bbcode_ref.php name Parameter
Directory traversal vulnerability in bbcode_ref.php in the Giorgio Ciranni Splatt Forum 4.0 RC1 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the name parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by bbcode_ref.php.
CVE-2007-1372 EXPLOITDB text WORKING POC
PostGuestbook 0.6.1 - Remote File Inclusion via tpl_pgb_moddir Parameter
PHP remote file inclusion vulnerability in styles/internal/header.php in the PostGuestbook 0.6.1 module for PHP-Nuke allows remote attackers to execute arbitrary PHP code via a URL in the tpl_pgb_moddir parameter.
CVE-2007-1104 EXPLOITDB text WORKING POC
PHP-MIP 0.1 - Remote File Inclusion via laypath Parameter
PHP remote file inclusion vulnerability in top.php in PHP Module Implementation (PHP-MIP) 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the laypath parameter.
CVE-2007-2200 EXPLOITDB text WORKING POC
Pagode 0.5.8 - Directory Traversal via Absolute Parameter
Directory traversal vulnerability in navigator/navigator_ok.php in Pagode 0.5.8 allows remote attackers to read and possibly delete arbitrary files via a .. (dot dot) in the asolute parameter.
CVE-2007-4641 EXPLOITDB python WORKING POC
Pakupaku CMS < 0.4 - Remote Code Execution via Path Traversal in Page Parameter
Directory traversal vulnerability in index.php in Pakupaku CMS 0.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter, as demonstrated by injecting code into an Apache log file.
CVE-2007-2545 EXPLOITDB text WRITEUP
Persism CMS < 0.9.2 - Remote File Inclusion via system[path] Parameter
Multiple PHP remote file inclusion vulnerabilities in Persism CMS 0.9.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the system[path] parameter to (1) blocks/headerfile.php, (2) files/blocks/latest_files.php, (3) filters/headerfile.php, (4) forums/blocks/latest_posts.php, (5) groups/headerfile.php, (6) links/blocks/links.php, (7) menu/headerfile.php, (8) news/blocks/latest_news.php, (9) settings/headerfile.php, or (10) users/headerfile.php, in modules/.
CVE-2007-1698 EXPLOITDB text WRITEUP
Philex < 0.2.3 - Unauthenticated Arbitrary File Read via download.php file Parameter
download.php in Philex 0.2.3 and earlier allows remote attackers to read arbitrary files and source code, and obtain sensitive information via the file parameter.
CVE-2007-1620 EXPLOITDB text WORKING POC
php_db_designer < 1.02 - Remote File Inclusion via _SESSION Parameter
Multiple PHP remote file inclusion vulnerabilities in PHP DB Designer 1.02 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) _SESSION[SITE_PATH] parameter to (a) wind/help.php or (b) wind/about.php, or the (2) _SESSION[DRIVER] parameter to (c) db/session.php.
CVE-2007-2069 EXPLOITDB text WRITEUP
openmairie < 1.11 - Directory Traversal via dsn[phptype] Parameter
Directory traversal vulnerability in scr/soustab.php in openMairie 1.11 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the dsn[phptype] parameter.
CVE-2007-2676 EXPLOITDB text WORKING POC
Open Translation Engine 0.7.8 - RCE
PHP remote file inclusion vulnerability in skins/header.php in Open Translation Engine (OTE) 0.7.8 allows remote attackers to execute arbitrary PHP code via a URL in the ote_home parameter.
CVE-2007-2620 EXPLOITDB text WRITEUP
Jakub Steiner's Original 0.11 - RCE
PHP remote file inclusion vulnerability in inc/config.inc.php in Jakub Steiner (aka jimmac) original 0.11 allows remote attackers to execute arbitrary PHP code via a URL in the x[1] parameter.
CVE-2007-1392 EXPLOITDB text WORKING POC
netForo! 0.1g - Directory Traversal via File Download Parameter
Directory traversal vulnerability in down.php in netForo! 0.1g allows remote attackers to read arbitrary files via a .. (dot dot) in the file_to_download parameter.
CVE-2007-1613 EXPLOITDB text WORKING POC
MPM Chat 2.5 - Directory Traversal via Logi Parameter
Directory traversal vulnerability in view.php in MPM Chat 2.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the logi parameter.
CVE-2007-3297 EXPLOITDB text WORKING POC
Musoo 0.21 - Remote File Inclusion via GLOBALS[ini_array][EXTLIB_PATH] Parameter
Multiple PHP remote file inclusion vulnerabilities in Musoo 0.21 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[ini_array][EXTLIB_PATH] parameter to (1) msDb.php, (2) modules/MusooTemplateLite.php, or (3) modules/SoundImporter.php.
CVE-2007-6187 EXPLOITDB text WORKING POC
PHP Content Architect <1.2 - Path Traversal
Multiple directory traversal vulnerabilities in PHP Content Architect (aka NoAh) 0.9 pre 1.2 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the filepath parameter to (1) css_file.php, (2) js_file.php, or (3) xml_file.php in noah/modules/nosystem/templates/.
CVE-2007-3136 EXPLOITDB html WORKING POC
newsSync 1.5.0rc6 - Remote File Inclusion via newsSync_NUKE_PATH Parameter
PHP remote file inclusion vulnerability in inc/nuke_include.php in newsSync 1.5.0rc6 allows remote attackers to execute arbitrary PHP code via a URL in the newsSync_NUKE_PATH parameter.
CVE-2007-1842 EXPLOITDB python WORKING POC
jsboard < 2.0.11 - Directory Traversal via Table Parameter
Directory traversal vulnerability in login.php in JSBoard before 2.0.12 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the table parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, a related issue to CVE-2006-2019.
CVE-2007-2324 EXPLOITDB text WORKING POC
JulmaCMS 1.4 - Directory Traversal via File Parameter
Directory traversal vulnerability in file.php in JulmaCMS 1.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.