Total
5051 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-4806 | 1 Focus Sis | 1 Focus Sis | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in modules/Discipline/CategoryBreakdownTime.php in Focus/SIS 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the FocusPath parameter. | ||||
| CVE-2009-1450 | 1 Bluevirus-design | 1 Sma-db | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in format.php in SMA-DB 0.3.12 allows remote attackers to execute arbitrary PHP code via a URL in the _page_content parameter. | ||||
| CVE-2009-1444 | 1 Webportal | 1 Webportal Cms | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in indexk.php in WebPortal CMS 0.8-beta allows remote attackers to execute arbitrary PHP code via a URL in the lib_path parameter. | ||||
| CVE-2007-4763 | 1 Tim Jackson | 1 Phpof | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in dbmodules/DB_adodb.class.php in PHP Object Framework (PHPOF) 20040226 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the PHPOF_INCLUDE_PATH parameter. | ||||
| CVE-2008-6132 | 1 Brickhost | 1 Phpscheduleit | 2025-04-09 | N/A |
| Eval injection vulnerability in reserve.php in phpScheduleIt 1.2.10 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via the start_date parameter. | ||||
| CVE-2009-1383 | 1 Forkosh | 1 Mathtex | 2025-04-09 | N/A |
| The getdirective function in mathtex.cgi in mathTeX, when downloaded before 20090713, allows remote attackers to execute arbitrary commands via shell metacharacters in the dpi tag. | ||||
| CVE-2007-4744 | 1 Anyinventory | 1 Anyinventory | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in environment.php in AnyInventory 1.9.1 and 2.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the DIR_PREFIX parameter. | ||||
| CVE-2009-1285 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-09 | N/A |
| Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files. | ||||
| CVE-2009-2143 | 2 Firestats, Wordpress | 2 Firestats, Wordpress | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in firestats-wordpress.php in the FireStats plugin before 1.6.2-stable for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the fs_javascript parameter. | ||||
| CVE-2009-1278 | 1 Gravityboardx | 1 Gravity Board X | 2025-04-09 | N/A |
| Static code injection vulnerability in forms/ajax/configure.php in Gravity Board X (GBX) 2.0 BETA allows remote attackers to inject arbitrary PHP code into config.php via the configure action to index.php. | ||||
| CVE-2007-4737 | 1 Speedtech | 1 Stphplibrary | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in SpeedTech PHP Library (STPHPLibrary) 0.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the STPHPLIB_DIR parameter to (1) stphpapplication.php, (2) stphpbtnimage.php, or (3) stphpform.php. | ||||
| CVE-2009-1248 | 1 Acutecp | 1 Acute Control Panel | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Acute Control Panel 1.0.0 allow remote attackers to execute arbitrary PHP code via a URL in the theme_directory parameter to (1) container.php and (2) header.php in themes/. | ||||
| CVE-2008-1712 | 1 Mx-system | 1 Mxbb | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in includes/functions_weblog.php in mxBB mx_blogs 2.0.0 beta allows remote attackers to execute arbitrary PHP code via a URL in the mx_root_path parameter. | ||||
| CVE-2009-2372 | 1 Drupal | 1 Drupal | 2025-04-09 | N/A |
| Drupal 6.x before 6.13 does not prevent users from modifying user signatures after the associated comment format has been changed to an administrator-controlled input format, which allows remote authenticated users to inject arbitrary web script, HTML, and possibly PHP code via a crafted user signature. | ||||
| CVE-2009-1230 | 1 Podcast Generator | 1 Podcast Generator | 2025-04-09 | N/A |
| Static code injection vulnerability in index.php in Podcast Generator 1.1 and earlier allows remote authenticated administrators to inject arbitrary PHP code into config.php via the recent parameter in a config change action. | ||||
| CVE-2009-1144 | 3 Foolabs, Gentoo, Glyphandcog | 3 Xpdf, Gentoo Linux, Xpdfreader | 2025-04-09 | N/A |
| Untrusted search path vulnerability in the Gentoo package of Xpdf before 3.02-r2 allows local users to gain privileges via a Trojan horse xpdfrc file in the current working directory, related to an unset SYSTEM_XPDFRC macro in a Gentoo build process that uses the poppler library. | ||||
| CVE-2009-1128 | 1 Microsoft | 1 Office Powerpoint | 2025-04-09 | N/A |
| Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 95 native file format, leading to memory corruption, aka "PP7 Memory Corruption Vulnerability," a different vulnerability than CVE-2009-1129. | ||||
| CVE-2008-1405 | 1 Fuzzylime | 1 Fuzzylime | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in code/display.php in fuzzylime (cms) 3.01 allows remote attackers to execute arbitrary PHP code via a URL in the admindir parameter. | ||||
| CVE-2007-4646 | 1 Hexamail | 1 Hexamail Server | 2025-04-09 | N/A |
| Buffer overflow in the pop3 service in Hexamail Server 3.0.0.001 Lite allows remote attackers to cause a denial of service (daemon crash) and probably execute arbitrary code via a long USER command. | ||||
| CVE-2009-1102 | 2 Redhat, Sun | 3 Enterprise Linux, Rhel Extras, Java | 2025-04-09 | N/A |
| Unspecified vulnerability in the Virtual Machine in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allows remote attackers to access files and execute arbitrary code via unknown vectors related to "code generation." | ||||