SHiKaA

41 exploits, active since Apr 2005
CVE-2005-0859 EXPLOITDB text WORKING POC
CzarNews 1.13b - Remote File Inclusion via tpath Parameter
PHP remote file inclusion vulnerability in CzarNews 1.13b allows remote attackers to execute arbitrary PHP code via the tpath parameter to (1) headlines.php or (2) news.php. NOTE: some sources have reported the "dir" parameter as being affected; however, this is likely a cut-and-paste error from the wrong section of the original vulnerability report. Also, the news.php version was later reported to be in 1.12 through 1.14.
CVE-2006-4788 EXPLOITDB text WORKING POC
Telekorn SignKorn Guestbook < 1.3 - RCE
PHP remote file inclusion vulnerability in includes/log.inc.php in Telekorn SignKorn Guestbook (SL) 1.3 and earlier, when register_globals is enabled and _SESSION[permission] parameter is set to "yes", allows remote attackers to execute arbitrary PHP code via a URL in the dir_path parameter.
CVE-2006-4648 EXPLOITDB text WORKING POC
BinGo News < 3.01 - Remote File Inclusion via bp_ncom.php bnrep Parameter
PHP remote file inclusion vulnerability in bp_ncom.php in BinGo News (BP News) 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter.
CVE-2006-4440 EXPLOITDB text WORKING POC
Ay System Solutions CMS < 2.6 - Remote File Inclusion via main.php path[ShowProcessHandle] Parameter
PHP remote file inclusion vulnerability in main.php in Ay System Solutions CMS 2.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path[ShowProcessHandle] parameter.
CVE-2006-4276 EXPLOITDB text WORKING POC
tutti_nova < 1.6 - Remote File Inclusion via TNLIB_DIR Parameter
PHP remote file inclusion vulnerability in Tutti Nova 1.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to novalib/class.novaEdit.mysql.php.
EIP-2026-114662 EXPLOITDB text WORKING POC
ZZ:FlashChat 3.1 - 'adminlog' Remote File Inclusion
CVE-2005-1312 EXPLOITDB text WORKING POC
yappa-ng - Remote File Inclusion
PHP remote file inclusion vulnerability in Yappa-NG before 2.3.2 allows remote attackers to execute arbitrary PHP code via unknown vectors.
CVE-2006-4452 EXPLOITDB text WORKING POC
web3news < 0.95 - Remote File Inclusion via PHPSECURITYADMIN_PATH Parameter
PHP remote file inclusion vulnerability in security/include/_class.security.php in Web3news 0.95 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the PHPSECURITYADMIN_PATH parameter.
CVE-2006-3991 EXPLOITDB text WORKING POC
Vlad Vostrykh Voodoo chat < 1.0RC1b - RCE
PHP remote file inclusion vulnerability in index.php in Vlad Vostrykh Voodoo chat 1.0RC1b and earlier allows remote attackers to execute arbitrary PHP code via a URL in the file_path parameter.
CVE-2006-4045 EXPLOITDB text WORKING POC
torbstoff_news 4 - Remote File Inclusion via pfad Parameter
PHP remote file inclusion vulnerability in news.php in Torbstoff News 4 allows remote attackers to execute arbitrary PHP code via a URL in the pfad parameter.
CVE-2006-4890 EXPLOITDB text WORKING POC
UNAK-CMS <= 1.5 - Remote File Inclusion via dirroot Parameter
Multiple PHP remote file inclusion vulnerabilities in UNAK-CMS 1.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the dirroot parameter to (1) fckeditor/editor/filemanager/browser/default/connectors/php/connector.php or (2) fckeditor/editor/dialog/fck_link.php.
CVE-2006-4277 EXPLOITDB text WORKING POC
tutti_nova < 1.6 - Remote File Inclusion via TNLIB_DIR Parameter
Multiple PHP remote file inclusion vulnerabilities in Tutti Nova 1.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to (1) include/novalib/class.novaAdmin.mysql.php and (2) novalib/class.novaRead.mysql.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-2006-4889 EXPLOITDB text WORKING POC
Telekorn SignKorn Guestbook < 1.3 - RCE
Multiple PHP remote file inclusion vulnerabilities in Telekorn SignKorn Guestbook (SL) 1.3 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the dir_path parameter in (1) index.php, (2) includes/functions.gb.php, (3) includes/functions.admin.php, (4) includes/admin.inc.php, (5) help.php, (6) smile.php, (7) entry.php; (8) adminhelp0.php, (9) adminhelp1.php, (10) adminhelp2.php, and (11) adminhelp3.php in (a) help/en and (b) help/de directories; and the (12) preview.php, (13) log.php, (14) index.php, (15) config.php, and (16) admin.php in the (c) admin directory, a different set of vectors than CVE-2006-4788.
CVE-2006-4647 EXPLOITDB text WORKING POC
Sponge News < 2.2 - Remote File Inclusion via sndir Parameter
PHP remote file inclusion vulnerability in news.php in Sponge News 2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sndir parameter.
EIP-2026-112404 EXPLOITDB text WORKING POC
SQuery 4.5 - 'gore.php' Remote File Inclusion
EIP-2026-111661 EXPLOITDB text WORKING POC
Ractive Popper 1.41 - 'Childwindow.Inc.php' Remote File Inclusion
EIP-2026-111406 EXPLOITDB text WORKING POC
Popper 1.41-r2 - 'form' Remote File Inclusion
CVE-2006-6038 EXPLOITDB text WORKING POC
pForum < 1.29a - SQL Injection via editpoll.php id Parameter
SQL injection vulnerability in editpoll.php in Powie's PHP Forum (pForum) 1.29a and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2006-6039 EXPLOITDB text WORKING POC
php_matchmaker < 4.06 - SQL Injection via matchdetail.php edit Parameter
SQL injection vulnerability in matchdetail.php in Powie's PHP MatchMaker 4.05 and earlier allows remote attackers to execute arbitrary SQL commands via the edit parameter.
CVE-2006-4644 EXPLOITDB text WORKING POC
phpFullAnnu 5.1 - Remote File Inclusion via repmod Parameter
PHP remote file inclusion vulnerability in modules/home.module.php in phpFullAnnu 5.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the repmod parameter.
CVE-2006-5062 EXPLOITDB text WORKING POC
PBLang < 4.66z - Remote File Inclusion via temppath Parameter
PHP remote file inclusion vulnerability in templates/pb/language/lang_nl.php in PBLang (PBL) 4.66z and earlier allows remote attackers to execute arbitrary PHP code via a URL in the temppath parameter.
CVE-2006-4769 EXPLOITDB text WORKING POC
p4CMS 1.05 - Remote File Inclusion via abf_js.php abs_pfad Parameter
PHP remote file inclusion vulnerability in abf_js.php in p4CMS 1.05 allows remote attackers to execute arbitrary PHP code via a URL in the abs_pfad parameter.
CVE-2006-3986 EXPLOITDB text WORKING POC
Knusperleicht Newsletter < 3.5 - RCE
PHP remote file inclusion vulnerability in index.php in Knusperleicht Newsletter 3.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the NL_PATH parameter.
CVE-2006-4630 EXPLOITDB text WORKING POC
Sky GUNNING MySpeach <= 3.0.2 - Remote File Inclusion via my_ms[root] Parameter
PHP remote file inclusion vulnerability in jscript.php in Sky GUNNING MySpeach 3.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the my_ms[root] parameter.
CVE-2006-5077 EXPLOITDB text WORKING POC
Minerva Build 238 and earlier - Remote File Inclusion via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in admin/admin_topic_action_logging.php in Chris Smith Minerva Build 238 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.