ToXiC CreW

CVE-2006-5147 EXPLOITDB text WORKING POC

vamp_webmail < 2.0_beta1 - Remote File Inclusion via no_url Parameter

PHP remote file inclusion vulnerability in wamp_dir/setup/yesno.phtml in VAMP Webmail 2.0beta1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the no_url parameter.

View Code

CVE-2006-5521 EXPLOITDB text WORKING POC

Net_DNS < 0.03 - Remote File Inclusion via phpdns_basedir Parameter

PHP remote file inclusion vulnerability in DNS/RR.php in Net_DNS 0.03 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpdns_basedir parameter.

View Code

CVE-2006-5587 EXPLOITDB text WORKING POC

mdweb < 1.3 - Remote File Inclusion via chemin_appli Parameter

Multiple PHP remote file inclusion vulnerabilities in MDweb 1.3 and earlier (Mdweb132-postgres) allow remote attackers to execute arbitrary PHP code via a URL in the chemin_appli parameter in (1) admin/inc/organisations/form_org.inc.php and (2) admin/inc/organisations/country_insert.php.

View Code

EIP-2026-108048 EXPLOITDB text WORKING POC

Jaws 0.5.2 - '/include/JawsDB.php' Remote File Inclusion

View Code

CVE-2006-5384 EXPLOITDB text WORKING POC

CDS Agenda < 4.2.9 - Remote Code Execution via SendAlertEmail.php AGE Parameter

PHP remote file inclusion vulnerability in modification/SendAlertEmail.php in CDS Software Consortium CDS Agenda 4.2.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AGE parameter.

View Code