PHP Exploits

1,333 exploits tracked across all sources.

EIP-2026-111235 EXPLOITDB php VERIFIED
PHPWCMS 1.2.6 - Cookie: wcs_user_lang Local File Inclusion
by Kacper
CVE-2006-7169 EXPLOITDB php VERIFIED
Ultimate PHP Board < 2.0 - Remote File Inclusion via _CONFIG[skin_dir] Parameter
PHP remote file inclusion vulnerability in includes/header_simple.php in Ultimate PHP Board (UPB) 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _CONFIG[skin_dir] parameter.
by Kacper
CVE-2006-5834 EXPLOITDB php VERIFIED
OpenSolution Quick.Cms.Lite 0.3 - Directory Traversal via sLanguage Cookie Parameter
Directory traversal vulnerability in general.php in OpenSolution Quick.Cms.Lite 0.3 allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the sLanguage Cookie parameter.
by Kacper
CVE-2006-7112 EXPLOITDB php VERIFIED
Maxdev Mdpro < 1.0.76 - Path Traversal
Directory traversal vulnerability in error.php in MD-Pro 1.0.76 and earlier allows remote authenticated users to read and include arbitrary files via the PNSVlang cookie, as demonstrated by uploading a GIF image using AddDownload or injecting PHP code into a log file, then accessing it.
by Kacper
CVE-2006-5786 EXPLOITDB php VERIFIED
e107 0.7.5 - Directory Traversal via e107language_e107cookie Cookie
Directory traversal vulnerability in class2.php in e107 0.7.5 and earlier allows remote attackers to read and execute PHP code in arbitrary files via ".." sequences in the e107language_e107cookie cookie to gsitemap.php.
by Kacper
CVE-2006-5733 EXPLOITDB php VERIFIED
PostNuke < 0.763 - Directory Traversal and Arbitrary File Execution via PNSVlang Cookie
Directory traversal vulnerability in error.php in PostNuke 0.763 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang (PNSV lang) cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php.
by Kacper
CVE-2006-5731 EXPLOITDB php VERIFIED
lithium_cms < 4.04c - Directory Traversal and Arbitrary File Execution via siteconf[curl] Parameter
Directory traversal vulnerability in classes/index.php in Lithium CMS 4.04c and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the siteconf[curl] parameter, as demonstrated by a POST to news/comment.php containing PHP code, which is stored under db/comments/news/ and included by classes/index.php.
by Kacper
EIP-2026-107931 EXPLOITDB php VERIFIED
Invision Power Board 2.1.7 - 'Debug' Remote Password Change
by Rapigator
EIP-2026-107846 EXPLOITDB php VERIFIED
Innovate Portal 2.0 - 'acp.php' Remote Code Execution
by Kacper
CVE-2006-5732 EXPLOITDB php VERIFIED
T.G.S. CMS < 0.1.7 - SQL Injection via myauthorid Cookie
SQL injection vulnerability in logout.php in T.G.S. CMS 0.1.7 and earlier allows remote attackers to execute arbitrary SQL commands via the myauthorid cookie.
by Kacper
CVE-2006-5720 EXPLOITDB php VERIFIED
PHP-Nuke <= 7.9 - SQL Injection via Journal Module Search Parameter
SQL injection vulnerability in modules/journal/search.php in the Journal module in Francisco Burzi PHP-Nuke 7.9 and earlier allows remote attackers to execute arbitrary SQL commands via the forwhat parameter.
by Paisterist
CVE-2006-5665 EXPLOITDB php VERIFIED
Spider Friendly < 1.3.10 - Remote File Inclusion via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in admin/modules_data.php in the phpBB module Spider Friendly 1.3.10 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
by Kacper
CVE-2006-6938 EXPLOITDB php VERIFIED
NitroTech 0.0.3a - Directory Traversal via Root Parameter
Directory traversal vulnerability in includes/common.php in NitroTech 0.0.3a, as distributed before 2006, allows remote attackers to include arbitrary files via ".." sequences in the root parameter.
by Kacper
CVE-2006-5672 EXPLOITDB php VERIFIED
MySource CMS < 2.16.2 - Remote File Inclusion via INCLUDE_PATH Parameter
PHP remote file inclusion vulnerability in web/init_mysource.php in MySource CMS 2.16.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the INCLUDE_PATH parameter.
by Kacper
CVE-2006-5670 EXPLOITDB php VERIFIED
Free Image Hosting < 1.0 - Remote File Inclusion via AD_BODY_TEMP Parameter
PHP remote file inclusion vulnerability in forgot_pass.php in Free Image Hosting 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter.
by Kacper
CVE-2006-5762 EXPLOITDB php VERIFIED
Free File Hosting < 1.1 - Remote Code Execution via AD_BODY_TEMP Parameter
PHP remote file inclusion vulnerability in forgot_pass.php in Free File Hosting 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter. NOTE: this issue was later reported for the "File Upload System" which is a component of Free File Hosting. This also affects Free Image Hosting 2.0, which contains the same code.
by Kacper
CVE-2006-5625 EXPLOITDB php VERIFIED
N/X WCMS < 4.1 - Remote File Inclusion via c[path] Parameter
PHP remote file inclusion vulnerability in wwwdev/nxheader.inc.php in N/X 2002 Professional Edition Web Content Management System (WCMS) 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the c[path] parameter.
by Kacper
EIP-2026-109127 EXPLOITDB php VERIFIED
Light Blog Remote - Multiple Vulnerabilities
by BlackHawk
CVE-2006-5622 EXPLOITDB php VERIFIED
Coppermine Photo Gallery 1.4.9 - SQL Injection via picmgr.php aid Parameter
SQL injection vulnerability in picmgr.php in Coppermine Photo Gallery 1.4.9 allows remote attackers to execute arbitrary SQL commands via the aid parameter.
by w4ck1ng
CVE-2006-5673 EXPLOITDB php VERIFIED
miniBB < 2.0.2 - Remote File Inclusion via pathToFiles Parameter
PHP remote file inclusion vulnerability in bb_func_txt.php in miniBB 2.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the pathToFiles parameter.
by Kacper
CVE-2006-5554 EXPLOITDB php VERIFIED
Imageview < 5 - Directory Traversal via User Settings Cookie
Directory traversal vulnerability in index.php in Imageview 5 allows remote attackers to read or execute arbitrary local files via a .. (dot dot) in the user_settings cookie, as demonstrated by using the MyFile parameter in albumview.php to upload a text/plain .gif file containing PHP code, which is executed by index.php.
by Kacper
CVE-2006-5561 EXPLOITDB php VERIFIED
Discuz! GBK 5.0.0 - SQL Injection via cdb_auth Cookie
SQL injection vulnerability in admincp.php in Discuz! GBK 5.0.0 allows remote attackers to execute arbitrary SQL commands via the cdb_auth cookie.
by rgod
EIP-2026-108065 EXPLOITDB php VERIFIED
JaxUltraBB 2.0 - Command Execution
by BlackHawk
CVE-2006-5531 EXPLOITDB php VERIFIED
ascended_guestbook < 1.0.0 - Remote File Inclusion via CONFIG[path] Parameter
PHP remote file inclusion vulnerability in embedded.php in Ascended Guestbook 1.0.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[path] parameter.
by Kacper
CVE-2006-5525 EXPLOITDB php VERIFIED
PHP-Nuke < 7.9 - SQL Injection via Blacklist Bypass
Incomplete blacklist vulnerability in mainfile.php in PHP-Nuke 7.9 and earlier allows remote attackers to conduct SQL injection attacks via (1) "/**/UNION " or (2) " UNION/**/" sequences, which are not rejected by the protection mechanism, as demonstrated by a SQL injection via the eid parameter in a search action in the Encyclopedia module in modules.php.
by Paisterist