Php Exploits
1,334 exploits tracked across all sources.
Eskolar CMS 0.9.0.0 - 'index.php' SQL Injection
by HACKERS PAL
e-Vision CMS - SQL Injection
SQL injection vulnerability in admin/all_users.php in Szava Gyula and Csaba Tamas e-Vision CMS, probably 1.0, allows remote attackers to execute arbitrary SQL commands via the from parameter.
by HACKERS PAL
exV2 <2.0.4.3 - SQL Injection
SQL injection vulnerability in modules/messages/index.php in exV2 2.0.4.3 and earlier allows remote authenticated users to execute arbitrary SQL commands via the sort parameter.
by rgod
Php Blue Dragon <2.9.1 - SQL Injection
SQL injection vulnerability in the GetModuleConfig function in public_includes/pub_kernel/pbd_modules.php in Php Blue Dragon 2.9.1 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter to index.php.
by Kacper
Php Blue Dragon <2.9.1 - XSS
Cross-site scripting (XSS) vulnerability in index.php Php Blue Dragon 2.9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the m parameter, which is reflected in an error message resulting from a failed SQL query.
by Kacper
Php Blue Dragon <2.9.1 - Path Traversal
Directory traversal vulnerability in pbd_engine.php in Php Blue Dragon 2.9.1 and earlier allows remote attackers to read and execute arbitrary local files via a .. (dot dot) sequence via the phpExt parameter, as demonstrated by executing PHP code in a log file.
by Kacper
More.groupware 0.74 - SQL Injection
SQL injection vulnerability in modules/calendar/week.php in More.groupware 0.74 allows remote attackers to execute arbitrary SQL commands via the new_calendarid parameter.
by x128
Exponent CMS 0.96.3 - Path Traversal
Directory traversal vulnerability in index.php in Exponent CMS 0.96.3 allows remote attackers to read and execute arbitrary local files via a .. (dot dot) sequence in the view parameter in the show_view action in the calendarmodule module, as demonstrated by executing PHP code through session files.
by rgod
David Bennett PHP-Post <1.0 - Variable Overwrite
Variable overwrite vulnerability in David Bennett PHP-Post (PHPp) 1.0 and earlier allows remote attackers to overwrite arbitrary program variables via multiple vectors that use the extract function, as demonstrated by the table_prefix parameter in (1) index.php, (2) profile.php, and (3) header.php.
by HACKERS PAL
GNUTurk <2G - SQL Injection
SQL injection vulnerability in mods.php in GNUTurk 2G and earlier allows remote attackers to execute arbitrary SQL commands via the t_id parameter when the go parameter is "Forum."
by p2y
Limbo (aka Lite Mambo) CMS 1.0.4.2L - Code Injection
Unrestricted file upload vulnerability in contact.html.php in the Contact (com_contact) component in Limbo (aka Lite Mambo) CMS 1.0.4.2L and earlier allows remote attackers to upload PHP code to the images/contact folder via a filename with a double extension in the contact_attach parameter in a contact option in index.php, which bypasses an insufficiently restrictive regular expression.
by rgod
PHP <4.4.4 & 5.1.6 - Auth Bypass
PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults.
by Maksymilian Arciemowicz
RaidenHTTPD 1.1.49 - RCE
PHP remote file inclusion vulnerability in raidenhttpd-admin/slice/check.php in RaidenHTTPD 1.1.49, when register_globals and WebAdmin is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the SoftParserFileXml parameter.
by rgod
CCleague Pro Sports CMS 1.0.1 RC1 - Path Traversal
Directory traversal vulnerability in admin.php in CCleague Pro Sports CMS 1.0.1 RC1 allows remote attackers to read and execute arbitrary local files via a .. (dot dot) sequence and trailing null (%00) byte in the language Cookie parameter, as demonstrated by executing PHP code via a log file.
by Kacper
PHP-Fusion <6.01.4 - SQL Injection
Global variable overwrite vulnerability in maincore.php in PHP-Fusion 6.01.4 and earlier uses the extract function on the superglobals, which allows remote attackers to conduct SQL injection attacks via the _SERVER[REMOTE_ADDR] parameter to news.php.
by rgod
DokuWiki 2006-03-09b - 'dwpage.php' System Disclosure
by rgod
DokuWiki 2006-03-09b - 'dwpage.php' Remote Code Execution
by rgod
SZEWO PhpCommander <3.0 - Path Traversal
Directory traversal vulnerability in SZEWO PhpCommander 3.0 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Directory parameter, as demonstrated by parameter values naming Apache HTTP Server log files that apparently contain PHP code.
by Kacper
SoftBB 0.1 - Code Injection
Direct static code injection vulnerability in admin/save_opt.php in SoftBB 0.1, and possibly earlier, allows remote authenticated users to upload and execute arbitrary PHP code via the cache_forum parameter, which saves the code to info_options.php, which is accessible via a direct request.
by Kacper
pHNews alpha 1 - 'templates_dir' Remote Code Execution
by Kacper
PmWiki 2.1.19 - 'Zend_Hash_Del_Key_Or_Index' Remote Command Execution
by rgod
Tikiwiki Cms/groupware - Unrestricted File Upload
Unrestricted file upload vulnerability in jhot.php in TikiWiki 1.9.4 Sirius and earlier allows remote attackers to execute arbitrary PHP code via a filepath parameter that contains a filename with a .php extension, which is uploaded to the img/wiki/ directory.
by rgod
osCommerce 2.1/2.2 - 'product_info.php' SQL Injection
by GulfTech Security
Phpgroupware - Path Traversal
Directory traversal vulnerability in calendar/inc/class.holidaycalc.inc.php in phpGroupWare 0.9.16.010 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) sequence and trailing null (%00) byte in the GLOBALS[phpgw_info][user][preferences][common][country] parameter.
by Kacper
By Source