beford

27 exploits Active since Feb 2006
CVE-2006-0725 EXPLOITDB WORKING POC
Plume-cms Plume Cms - Code Injection
PHP remote file inclusion vulnerability in prepend.php in Plume CMS 1.0.2, when register_globals is enabled, allows remote attackers to include arbitrary files via a URL in the _PX_config[manager_path] parameter. NOTE: this is a different executable and affected version than CVE-2006-2645.
CVE-2008-6187 EXPLOITDB text WORKING POC
Gforge < 4.5.19 - SQL Injection
SQL injection vulnerability in frs/shownotes.php in Gforge 4.5.19 and earlier allows remote attackers to execute arbitrary SQL commands via the release_id parameter.
CVE-2006-2665 EXPLOITDB text WORKING POC
V-Webmail 1.3 - RCE
PHP remote file inclusion vulnerability in includes/mailaccess/pop3/core.php in V-Webmail 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[pear_dir] parameter.
CVE-2006-2284 EXPLOITDB perl WORKING POC
Claroline 1.7.5 - RCE
Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) clarolineRepositorySys parameter in ldap.inc.php and the (2) claro_CasLibPath parameter in casProcess.inc.php.
CVE-2006-2844 EXPLOITDB text WORKING POC
Redaxo 3.0 - RCE
Multiple PHP remote file inclusion vulnerabilities in Redaxo 3.0 allow remote attackers to execute arbitrary PHP code via a URL in the REX[INCLUDE_PATH] parameter to (1) simple_user/pages/index.inc.php and (2) stats/pages/index.inc.php.
CVE-2006-2843 EXPLOITDB text WORKING POC
Redaxo 2.7.4 - Code Injection
PHP remote file inclusion vulnerability in Redaxo 2.7.4 allows remote attackers to execute arbitrary PHP code via a URL in the (1) REX[INCLUDE_PATH] parameter in (a) addons/import_export/pages/index.inc.php and (b) pages/community.inc.php.
CVE-2008-3493 EXPLOITDB php WORKING POC
RealVNC Windows Client <4.1.2.0 - DoS
vncviewer.exe in RealVNC Windows Client 4.1.2.0 allows remote VNC servers to cause a denial of service (application crash) via a crafted frame buffer update packet.
CVE-2012-5340 EXPLOITDB HIGH text WORKING POC
SumatraPDF 2.1.1/MuPDF 1.0 - Memory Corruption
SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file.
CVSS 7.8
EIP-2026-115467 EXPLOITDB text WORKING POC
IrfanView 4.33 - 'IMXCF.dll' Plugin Code Execution
CVE-2006-2666 EXPLOITDB text WORKING POC
V-Webmail <1.6.4 - RCE
PHP remote file inclusion vulnerability in includes/mailaccess/pop3.php in V-Webmail 1.5 through 1.6.4 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[pear_dir] parameter.
CVE-2006-4055 EXPLOITDB text WORKING POC
TSEP <0.942 - RCE
Multiple PHP remote file inclusion vulnerabilities in Olaf Noehring The Search Engine Project (TSEP) 0.942 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the tsep_config[absPath] parameter to (1) include/colorswitch.php, (2) contentimages.class.php, (3) ipfunctions.php, (4) configfunctions.php, (5) printpagedetails.php, or (6) log.class.php. NOTE: the copyright.php vector is already covered by CVE-2006-3993.
CVE-2006-2845 EXPLOITDB text WORKING POC
Redaxo <3.2 - Code Injection
PHP remote file inclusion vulnerability in Redaxo 3.0 up to 3.2 allows remote attackers to execute arbitrary PHP code via a URL in the REX[INCLUDE_PATH] parameter to image_resize/pages/index.inc.php.
CVE-2006-2645 EXPLOITDB text WORKING POC
Plume-cms Plume Cms - Code Injection
PHP remote file inclusion vulnerability in manager/frontinc/prepend.php for Plume 1.0.3 allows remote attackers to execute arbitrary code via a URL in the _PX_config[manager_path] parameter. NOTE: this is a different executable and affected version than CVE-2006-0725.
CVE-2006-4210 EXPLOITDB perl WORKING POC
phPay <2.02.1 - Open Mail Relay
nu_mail.inc.php in Andreas Kansok phPay 2.02 and 2.02.1, when register_globals is enabled, allows remote attackers to use the server as an open mail relay via modified mail_text2, user_row[5], nu_mail_1, and shop_mail parameters. NOTE: some of these details are obtained from third party information.
EIP-2026-110795 EXPLOITDB text WORKING POC
PHP-Barcode 0.3pl1 - Remote Code Execution
CVE-2006-4011 EXPLOITDB text WORKING POC
Kayako eSupport <2.3.1 - RCE
PHP remote file inclusion vulnerability in esupport/admin/autoclose.php in Kayako eSupport 2.3.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the subd parameter.
CVE-2006-2270 EXPLOITDB perl WORKING POC
Jetbox CMS 2.1 - RCE
PHP remote file inclusion vulnerability in includes/config.php in Jetbox CMS 2.1 allows remote attackers to execute arbitrary code via a URL in the relative_script_path parameter.
CVE-2008-6189 EXPLOITDB text WORKING POC
Gforge - SQL Injection
SQL injection vulnerability in GForge 4.5.19 allows remote attackers to execute arbitrary SQL commands via the offset parameter to (1) new/index.php, (2) news/index.php, and (3) top/topusers.php, which is not properly handled in database-pgsql.php.
CVE-2008-6188 EXPLOITDB text WORKING POC
Gforge < 4.6rc1 - SQL Injection
SQL injection vulnerability in people/editprofile.php in Gforge 4.6 rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the skill_edit[] parameter.
CVE-2006-2144 EXPLOITDB text WORKING POC
DMCounter 0.9.2-b - RCE
PHP remote file inclusion vulnerability in kopf.php in DMCounter 0.9.2-b allows remote attackers to execute arbitrary PHP code via a URL in the rootdir parameter.
CVE-2006-2285 EXPLOITDB perl WORKING POC
Dokeos 1.6.4 - RCE
PHP remote file inclusion vulnerability in authldap.php in Dokeos 1.6.4 allows remote attackers to execute arbitrary PHP code via a URL in the includePath parameter.
EIP-2026-106488 EXPLOITDB text WRITEUP
DoceboLms 2.0.x - 'Lang' Multiple Remote File Inclusions
CVE-2006-2668 EXPLOITDB text WORKING POC
Docebo LMS <2.05 - RCE
Multiple PHP remote file inclusion vulnerabilities in Docebo LMS 2.05 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) modules/credits/business.php, (2) modules/credits/credits.php, or (3) modules/credits/help.php.
CVE-2006-7048 EXPLOITDB perl WORKING POC
Claroline 1.7.5 - RCE
Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) clarolineRepositorySys parameter to (a) atutor.inc.php (b) db-generic.inc.php (c) docebo.inc.php (d) dokeos.1.6.inc.php (e) dokeos.inc.php (f) ganesha.inc.php (g) mambo.inc.php (h) moodle.inc.php (i) phpnuke.inc.php (j) postnuke.inc.php and (k) spip.inc.php in claroline/auth/extauth/drivers/; (2) includePath parameter in mambo.inc.php, postnuke.inc.php, and (l) inc/lib/event/init_event_manager.inc.php; and (3) rootSys parameter in (m) inc/lib/export_exe_tracking.class.php, a different set of vectors than CVE-2006-2284.
CVE-2006-2849 EXPLOITDB text WORKING POC
Bytehoard 2.1 - RCE
PHP remote file inclusion vulnerability in includes/webdav/server.php in Bytehoard 2.1 Epsilon/Delta allows remote attackers to execute arbitrary PHP code via a URL in the bhconfig[bhfilepath] parameter.