Mogatil

5 exploits Active since Apr 2007
CVE-2007-2199 EXPLOITDB text WORKING POC
CJG EXPLORER PRO 3.3 - Remote Code Execution via g_pcltar_lib_dir Parameter
PHP remote file inclusion vulnerability in lib/pcltar.lib.php (aka pcltar.php) in the PclTar module 1.3 and 1.3.1 for Vincent Blavet PhpConcept Library, as used in multiple products including (1) Joomla! 1.5.0 Beta, (2) N/X Web Content Management System (WCMS) 4.5, (3) CJG EXPLORER PRO 3.3, and (4) phpSiteBackup 0.1, allows remote attackers to execute arbitrary PHP code via a URL in the g_pcltar_lib_dir parameter.
CVE-2007-2969 EXPLOITDB text WORKING POC
WAnewsletter < 2.1.3 - Remote File Inclusion via waroot Parameter
PHP remote file inclusion vulnerability in newsletter.php in WAnewsletter 2.1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the waroot parameter.
CVE-2007-5313 EXPLOITDB text WORKING POC
Picturesolution < 2.1 - Remote Code Execution via Path Parameter in install/config.php
PHP remote file inclusion vulnerability in install/config.php in Picturesolution 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
CVE-2007-2708 EXPLOITDB text WORKING POC
Feindt Computerservice News <2.0 - RCE
PHP remote file inclusion vulnerability in newsadmin.php in Feindt Computerservice News (News-Script) 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the action parameter.
CVE-2007-2660 EXPLOITDB text WORKING POC
Vincent Blavet PhpConcept Library <3.3 - RCE
PHP remote file inclusion vulnerability in pcltrace.lib.php in the PclTar module in Vincent Blavet PhpConcept Library, as used in CJG EXPLORER PRO 3.3 and earlier and probably other products, allows remote attackers to execute arbitrary PHP code via a URL in the g_pcltar_lib_dir parameter. NOTE: CVE disputes this issue since there is no include statement in pcltrace.lib.php. NOTE: the pcltar.lib.php vector is already covered by CVE-2007-2199