sh3ll

4 exploits Active since Aug 2006
CVE-2006-4061 EXPLOITDB text WRITEUP
phpPrintAnalyzer 1.1 - RCE
PHP remote file inclusion vulnerability in index.php in Thomas Pequet phpPrintAnalyzer 1.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the rep_par_rapport_racine parameter. NOTE: this issue has been disputed by third party researchers, stating that the rep_par_rapport_racine variable is initialized before use
EIP-2026-109746 EXPLOITDB text WRITEUP
MyBloggie 2.1.x - 'MyBloggie_Root_Path' Remote File Inclusion
CVE-2006-4156 EXPLOITDB text WRITEUP
pearlabs mafia moblog <6 - RCE
PHP remote file inclusion vulnerability in big.php in pearlabs mafia moblog 6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pathtotemplate parameter. NOTE: a third party claims that the researcher is incorrect, because template.php defines pathtotemplate before big.php uses pathtotemplate. CVE has not verified either claim, but during August 2006, the original researcher made several significant errors regarding this bug type
CVE-2006-4163 EXPLOITDB text WRITEUP
myWebland miniBloggie <1.0 - RCE
PHP remote file inclusion vulnerability in cls_fast_template.php in myWebland miniBloggie 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the fname parameter. NOTE: another researcher was unable to find a way to execute code after including it via a URL. CVE analysis as of 20060816 was inconclusive