mdx

18 exploits Active since Dec 2003
CVE-2006-6763 EXPLOITDB WORKING POC
KISGB - RCE
Multiple PHP remote file inclusion vulnerabilities in the Keep It Simple Guest Book (KISGB) allow remote attackers to execute arbitrary PHP code via a URL in the (1) path_to_themes parameter in (a) authenticate.php, and the (2) default_path_for_themes parameter in (b) admin.php and (c) upconfig.php.
CVE-2006-6764 EXPLOITDB text WORKING POC
PHP - RCE
PHP remote file inclusion vulnerability in authenticate.php in Keep It Simple Guest Book (KISGB), when executing PHP through CGI, allows remote attackers to execute arbitrary PHP code via a URL in the default_path_to_themes parameter.
CVE-2006-6691 EXPLOITDB text WORKING POC
Valdersoft Shopping Cart <3.0 - RCE
Multiple PHP remote file inclusion vulnerabilities in Valdersoft Shopping Cart 3.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the commonIncludePath parameter to (1) admin/include/common.php, (2) include/common.php, or (3) common_include/common.php.
CVE-2007-5840 EXPLOITDB text WORKING POC
SyndeoCMS 2.5.01 - RCE
PHP remote file inclusion vulnerability in starnet/themes/c-sky/main.inc.php in Fred Stuurman SyndeoCMS 2.5.01 allows remote attackers to execute arbitrary PHP code via a URL in the cmsdir parameter, a different vector than CVE-2006-4920.2.
CVE-2006-4824 EXPLOITDB text WORKING POC
Quicksilver Forums <1.2.1 - RCE
PHP remote file inclusion vulnerability in lib/activeutil.php in Quicksilver Forums (QSF) 1.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the set[include_path] parameter.
CVE-2006-5281 EXPLOITDB text WORKING POC
n@board <3.1.9e - RCE
PHP remote file inclusion vulnerability in naboard_pnr.php in n@board 3.1.9e and earlier allows remote attackers to execute arbitrary PHP code via a URL in the skin parameter.
CVE-2006-4372 EXPLOITDB text WORKING POC
Mambo com_lurm_constructor <0.6b - RCE
PHP remote file inclusion vulnerability in admin.lurm_constructor.php in the Lurm Constructor component (com_lurm_constructor) 0.6b and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the lm_absolute_path parameter.
CVE-2006-4296 EXPLOITDB text WRITEUP
Mambo 1.1 - RCE
PHP remote file inclusion vulnerability in classes/Tar.php in bigAPE-Backup component (com_babackup) for Mambo 1.1 allows remote attackers to include arbitrary files via the mosConfig_absolute_path parameter.
CVE-2006-4270 EXPLOITDB text WORKING POC
Mambo Mambelfish Component < 1.1 - Code Injection
PHP remote file inclusion vulnerability in mambelfish.class.php in the mambelfish component (com_mambelfish) 1.1 and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2006-4203 EXPLOITDB text WORKING POC
Mambo com_mmp <1.2 - RCE
PHP remote file inclusion vulnerability in help.mmp.php in the MMP Component (com_mmp) 1.2 and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2008-1635 EXPLOITDB text WORKING POC
Keep It Simple Guest Book <5.1.1 - Path Traversal
Directory traversal vulnerability in view_private.php in Keep It Simple Guest Book (KISGB) 5.0.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tmp_theme parameter. NOTE: 5.1.1 is also reportedly affected.
CVE-2007-5457 EXPLOITDB text WORKING POC
Joomla - Code Injection
Multiple PHP remote file inclusion vulnerabilities in Michael Dempfle Joomla Flash Uploader (com_jfu or com_joomla_flash_uploader) 2.5.1 component for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) install.joomla_flash_uploader.php and (2) uninstall.joomla_flash_uploader.php.
CVE-2007-5451 EXPLOITDB text WORKING POC
Com Colorlab - Code Injection
PHP remote file inclusion vulnerability in admin.color.php in the com_colorlab (aka com_color) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.
CVE-2003-1314 EXPLOITDB text WORKING POC
EternalMart Guestbook <1.1 - RCE
PHP remote file inclusion vulnerability in admin/auth.php in EternalMart Guestbook (EMGB) 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the emgb_admin_path parameter.
CVE-2007-2302 EXPLOITDB text WORKING POC
Expow 0.8 - RCE
PHP remote file inclusion vulnerability in autoindex.php in Expow 0.8 allows remote attackers to execute arbitrary PHP code via a URL in the cfg_file parameter.
CVE-2006-5429 EXPLOITDB text WORKING POC
BRIM 1.2.1 - RCE
Multiple PHP remote file inclusion vulnerabilities in Barry Nauta BRIM 1.2.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the renderer parameter in template.tpl.php in (1) templates/barrel/, (2) templates/sidebar/, (3) templates/text-only, (4) templates/slashdot/, (5) templates/penguin/, (6) templates/pda/, (7) templates/oerdec/, (8) templates/nifty/, (9) templates/mylook, and (10) templates/barry/.
CVE-2006-6830 EXPLOITDB text WORKING POC
b2 Blog <0.5 - RCE
PHP remote file inclusion vulnerability in b2verifauth.php in b2 Blog 0.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the index parameter.
CVE-2006-5307 EXPLOITDB text WORKING POC
AFGB Guestbook 2.2 - RCE
Multiple PHP remote file inclusion vulnerabilities in AFGB GUESTBOOK 2.2 allow remote attackers to execute arbitrary PHP code via a URL in the Htmls parameter in (1) add.php, (2) admin.php, (3) look.php, or (4) re.php.