Contact | Site en Français
Corporate Information
Security Research
PHP Security Advisories :
08.07.2009 : Siteframe Remote SQL Injection and Information Disclosure Vulnerabilities
08.07.2009 : Citrix XenCenterWeb Multiple Command and SQL Injection Vulnerabilities
03.07.2009 : Drupal Advanced Forum Cross Site Scripting and Security Bypass Issues
03.07.2009 : Drupal Multiple Cross Site Scripting and Security Bypass Vulnerabilities
30.06.2009 : com_php for Joomla "id" Parameter Remote SQL Injection Vulnerability
29.06.2009 : Mandriva Security Update Fixes PHP Denial of Service Vulnerability
22.06.2009 : PHP Security Update Fixes "exif_read_data()" Denial of Service Issue
04.06.2009 : Movie PHP Script "anticode" Parameter PHP Code Injection Vulnerability
02.06.2009 : Fedora Security Update Fixes PHP Security Bypass and DoS Issues
19.05.2009 : PHP Dir Submit Username and Password SQL Injection Vulnerability
19.05.2009 : PHP Article Publisher Admin Interface Missing Authentication Vulnerability
18.05.2009 : Harland Multiple Products Remote PHP Code Injection Vulnerability
18.05.2009 : HP System Management Homepage PHP and OpenSSL Vulnerabilities
12.05.2009 : Php Recommend PHP Code Execution and Authentication Bypass Issues
12.05.2009 : Bitweaver "version" Directory Traversal Code Injection Vulnerability
11.05.2009 : Battle Blog Administrative Interface Arbitrary File Upload Vulnerability
05.05.2009 : ProjectCMS File Upload and Information Disclosure Vulnerabilities
05.05.2009 : PHP Site Lock Cookie Data Processing Authentication Bypass Issue
05.05.2009 : eLitius Administrative Interface Arbitrary PHP File Upload Vulnerability
05.05.2009 : Debian Security Update Fixes PHP Security Bypass and DoS Issues
21.04.2009 : Flatnux Multiple Local File Inclusion and File Upload Vulnerabilities
21.04.2009 : Studio Lounge Address Book Arbitrary PHP File Upload Vulnerability
21.04.2009 : Ubuntu Security Update Fixes PHP Security Bypass and DoS Issues
16.04.2009 : SPIP Data Processing PHP Code Injection and Security Bypass Issues
16.04.2009 : phpMyAdmin Setup Script Remote PHP Code Injection Vulnerability
15.04.2009 : Redhat Security Update Fixes PHP Security Bypass and DoS Issues
14.04.2009 : PHP Security Update Fixes OpenSSL Security Bypass and DoS Issues
14.04.2009 : Slackware Security Update Fixes PHP Information Disclosure Vulnerability
14.04.2009 : Mandriva Security Update Fixes PHP Denial of Service Vulnerability
07.04.2009 : Redhat Security Update Fixes PHP Buffer Overflow and DoS Issues
30.03.2009 : PHP Petition Signing Script Remote SQL Injection Vulnerabilities
25.03.2009 : phpMyAdmin PHP Code Injection and Cross Site Scripting Vulnerabilities
25.03.2009 : PHPizabi Remote Code Execution and SQL Injection Vulnerabilities
17.03.2009 : Cryptographp "cfg" Parameter Local File Inclusion Vulnerability
17.03.2009 : PHPLinkAdmin Remote File Inclusion and SQL Injection Vulnerabilities
09.03.2009 : Mandriva Security Update Fixes PHP Security Bypass Vulnerabilities
04.03.2009 : Zabbix Remote Code Execution and Local File Inclusion Vulnerabilities
03.03.2009 : rPath Security Update Fixes PHP Security Bypass and Code Execution
27.02.2009 : PHP Multiple Denial of Service and Information Disclosure Vulnerabilities
27.02.2009 : Golabi "cur_module" Parameter Remote PHP File Inclusion Vulnerability
26.02.2009 : Turbolinux Security Update Fixes PHP Security Bypass Vulnerabilities
23.02.2009 : PHCDownload "search.php" Remote PHP Code Injection Vulnerability
23.02.2009 : phpScheduleIt "start_date" and "end_date" Code Injection Vulnerability
23.02.2009 : Autopost Bot Mod for phpBB "phpbb_root_path" File Inclusion Vulnerability
23.02.2009 : Mandriva Security Update Fixes PHP Security Bypass Vulnerabilities
17.02.2009 : YACS "context[path_to_root]" Remote PHP File Inclusion Vulnerability
17.02.2009 : SAS Hotel Management System SQL Injection and File Upload Issues
17.02.2009 : NovaBoard SQL Injection and Arbitrary File Upload Vulnerabilities
17.02.2009 : simplePMS Code Injection and Local File Inclusion Vulnerabilities
17.02.2009 : Falt4 CMS FCKeditor Connector Arbitrary File Upload Vulnerability
16.02.2009 : Ubuntu Security Update Fixes PHP Security Bypass Vulnerabilities
12.02.2009 : SkaDate Photo Handling Arbitrary PHP File Upload Vulnerability
11.02.2009 : Auth PHP "username" and "passwd" Remote SQL Injection Vulnerabilities
11.02.2009 : Q-News "settings.php" Remote PHP Code Injection Vulnerability
10.02.2009 : Hedgedog-CMS "specialacts.php" Arbitrary File Upload Vulnerability
10.02.2009 : PHP Director "searching" Parameter Remote SQL Injection Vulnerability
09.02.2009 : phpYabs "Azione" Parameter Remote File Inclusion Vulnerability
09.02.2009 : 1024 CMS "page_include" Parameter Remote File Inclusion Vulnerability
09.02.2009 : Simple PHP News "post.php" Remote PHP Code Injection Vulnerability
28.01.2009 : Flax Article Manager Avatar Handling PHP File Upload Vulnerability
28.01.2009 : Turbolinux Security Update Fixes PHP Overflow and Security Bypass
22.01.2009 : Mandriva Security Update Fixes PHP Overflow and Security Bypass
13.01.2009 : Realtor 747 "INC_DIR" Parameter Remote File Inclusion Vulnerability
13.01.2009 : PWP Wiki Processor "run.php" Arbitrary PHP File Upload Vulnerability
13.01.2009 : BKWorks ProPHP Username Remote SQL Injection Vulnerability
06.01.2009 : PHP Auction System SQL Injection and Cross Site Scripting Vulnerabilities
05.01.2009 : Megacubo "mega://" URI Remote PHP Code Injection Vulnerability
24.12.2008 : phpGreetCards File Upload and Cross Site Scripting Vulnerabilities
24.12.2008 : phpAdBoard Photo Handling Arbitrary PHP File Upload Vulnerability
24.12.2008 : phpEmployment Photo Handling Arbitrary PHP File Upload Vulnerability
15.12.2008 : chuggnutt HTML to Plain Text Conversion Code Injection Vulnerability
08.12.2008 : Slackware Security Update Fixes PHP Multiple Remote Vulnerabilities
08.12.2008 : PHP Multiple Buffer Overflow and Security Bypass Vulnerabilities
01.12.2008 : PHP TV Portal "mid" Parameter Remote SQL Injection Vulnerability
01.12.2008 : minimal-ablog SQL Injection and File Upload Vulnerabilities
01.12.2008 : cpCommerce "_functions.php" Script Remote Variable Overwrite Issue
24.11.2008 : Getaphpsite Real Estate Arbitrary PHP File Upload Vulnerability
24.11.2008 : getaphpsite cardealers Arbitrary PHP File Upload Vulnerability
24.11.2008 : Goople CMS Authentication Bypass and File Upload Vulnerability
21.11.2008 : wPortfolio Remote File Upload and Password Manipulation Vulnerabilities
21.11.2008 : MauryCMS "c" Parameter Handling Remote SQL Injection Vulnerability
21.11.2008 : Alex Article-Engine and News-Engine Arbitrary File Upload Vulnerability
17.11.2008 : Gentoo Security Update Fixes PHP Multiple Remote Vulnerabilities
13.11.2008 : AlstraSoft SendIt Pro Arbitrary PHP File Upload Vulnerability
12.11.2008 : Pre Real Estate Listings SQL Injection and File Upload Vulnerabilities
12.11.2008 : Simple RSS Reader for Joomla Remote File Inclusion Vulnerability
11.11.2008 : PHPStore Real Estate Arbitrary PHP File Upload Vulnerability
11.11.2008 : PHPStore Complete Classifieds Script File Upload Vulnerability
11.11.2008 : PHPStore Job Search Arbitrary PHP File Upload Vulnerability
11.11.2008 : PHPStore Car Dealers Arbitrary PHP File Upload Vulnerability
11.11.2008 : Fresh Email Script PHP File Inclusion and Session Fixation Vulnerabilities
11.11.2008 : Free Simple Guestbook PHP Script Code Execution Vulnerability
11.11.2008 : OTManager "Tipo" Parameter Handling File Inclusion Vulnerability
10.11.2008 : DeltaScripts PHP Classifieds "siteid" Remote SQL Injection Vulnerability
10.11.2008 : Enthusiast "path" Parameter Handling File Inclusion Vulnerability
10.11.2008 : ZEEJOBSITE Photo Handling Arbitrary File Upload Vulnerability
06.11.2008 : PHP Auto Listings Script "itemno" Remote SQL Injection Vulnerability
06.11.2008 : Dada Mail Manager "mosConfig_absolute_path" Inclusion Vulnerability
03.11.2008 : Maran PHP Shop "id" Parameter Remote SQL Injection Vulnerability
30.10.2008 : 7Shop "imageupload.php" Arbitrary File Upload Vulnerability
30.10.2008 : Agares ThemeSiteScript "loadadminpage" File Inclusion Vulnerability
30.10.2008 : H2O-CMS "SaveConfig" Remote PHP Code Injection Vulnerabilities
20.10.2008 : Nuke ET FCKeditor Arbitrary File Upload Vulnerability
20.10.2008 : PHP Easy Downloader "filename" Remote File Creation Vulnerability
20.10.2008 : Fast Click SQL Lite "CFG[CDIR]" Remote File Inclusion Vulnerability
17.10.2008 : PHP Easy Downloader "file" Arbitrary File Download Vulnerability
13.10.2008 : My PHP Indexer "d" and "f" Parameters File Download Vulnerability
07.10.2008 : Yerba SACphp "mod" Parameter Local File Inclusion Vulnerability
30.09.2008 : WebBiscuits Events Calendar "path[docroot]" File Inclusion Vulnerability
23.09.2008 : basebuilder "mj_config[src_path]" PHP File Inclusion Vulnerability
23.09.2008 : Basic PHP Events Lister "id" Parameter SQL Injection Vulnerability
18.09.2008 : phpRealty "INC" Parameter Remote File Inclusion Vulnerability
18.09.2008 : PHP-Crawler "footer_file" Remote PHP File Inclusion Vulnerability
18.09.2008 : Technote "shop_this_skin_path" Remote File Inclusion Vulnerability
18.09.2008 : E-Php CMS "es_id" Parameter Remote SQL Injection Vulnerability
16.09.2008 : phpMyAdmin "sort_by" Parameter PHP Code Injection Vulnerability
08.09.2008 : E-Php Shopping Cart Script "cid" Remote SQL Injection Vulnerability
04.09.2008 : Slackware Security Update Fixes Multiple PHP Vulnerabilities
27.08.2008 : AWStats Totals Code Execution and Cross Ste Scripting Vulnerabilities
20.08.2008 : XNova "xnova_root_path" Parameter Remote File Inclusion Vulnerability
20.08.2008 : DeeEmm CMS Remote File Inclusion and SQL Injection Vulnerabilities
12.08.2008 : PHP Multiple Buffer Overflow and Security Bypass Vulnerabilities
01.08.2008 : Apple Mac OS X Code Execution and Security Bypass Vulnerabilities
29.07.2008 : ATutor "type" Parameter Handling Remote File Inclusion Vulnerability
24.07.2008 : Redhat Security Update Fixes PHP Multiple Remote Vulnerabilities
18.07.2008 : Turbolinux Security Update Fixes PHP Security Bypass Vulnerabilities
11.07.2008 : gapicms "dirDepth" Remote PHP File Inclusion Vulnerability
09.07.2008 : BoonEx Ray "sIncPath" Remote PHP File Inclusion Vulnerability
08.07.2008 : Mandriva Security Update Fixes PHP Security Bypass Vulnerabilities
08.07.2008 : WebXell Editor "upload_pictures.php" Arbitrary File Upload Vulnerability
07.07.2008 : Redhat Security Update Fixes PHP Buffer Overflow and Security Bypass
27.06.2008 : MyPHP CMS "pid" Parameter Remote SQL Injection Vulnerability
27.06.2008 : Page Manager "upload.php" Arbitrary File Upload Vulnerability
23.06.2008 : Fedora Security Update Fixes PHP Multiple Remote Vulnerabilities
11.06.2008 : HP-UX Apache and Tomcat PHP Remote Code Execution Vulnerability
04.06.2008 : 1Book Data Processing Remote Command Injection Vulnerability
28.05.2008 : rPath Linux Security Update Fixes PHP Code Execution Vulnerabilities
27.05.2008 : ClassSystem "teacher_id" Parameter Remote SQL Injection Vulnerability
26.05.2008 : PhpRaider "pConfig_auth[phpbb_path]" PHP File Inlusion Vulnerability
26.05.2008 : plusPHP Short URL "_pages_dir" Remote File Inlusion Vulnerability
26.05.2008 : Slackware Security Update Fixes PHP Multiple Remote Vulnerabilities
26.05.2008 : rPath Security Update Fixes PHP Multiple Remote Vulnerabilities
21.05.2008 : Mantis Multiple Cross Site Scripting and Security Bypass Vulnerabilities
19.05.2008 : Debian Security Update Fixes PHP Buffer Overflow and Security Bypass
13.05.2008 : Debian Security Update Fixes PHP Code Execution Vulnerabilities
05.05.2008 : Scorp News "site" Parameter Remote File Inclusion Vulnerability
02.05.2008 : PHP Multiple Buffer Overflow and Restriction Bypass Vulnerabilities
29.04.2008 : PHP Forge "id" Parameter Remote SQL Query Injection Vulnerability
28.04.2008 : WordPress Cookie Integrity Protection Privilege Escalation Vulnerability
22.04.2008 : Tr Script News "nb" Parameter Remote SQL Injection Vulnerability
21.04.2008 : Debian Security Update Fixes suPHP Privilege Escalation Vulnerabilities
21.04.2008 : Fedora Security Update Fixes Smarty PHP Code Injection Vulnerability
16.04.2008 : XplodPHP AutoTutorials "id" Parameter SQL Injection Vulnerability
16.04.2008 : KwsPHP "action" Parameter Handling Local File Inclusion Vulnerability
14.04.2008 : Mandriva Security Update Fixes PHP-APC Buffer Overflow Vulnerability
09.04.2008 : LokiCMS "default" Parameter Arbitrary Code Injection Vulnerability
08.04.2008 : ChartDirector "file" Parameter Arbitrary File Disclosure Vulnerability
08.04.2008 : iScripts SocialWare "id" Parameter Remote SQL Injection Vulnerability
07.04.2008 : VisualPic "_CONFIG[files][functions_page]" File Inclusion Vulnerability
07.04.2008 : Blog Pixel Motion Arbitrary File Upload and SQL Injection Vulnerabilities
03.04.2008 : Fedora Security Update Fixes suPHP Privilege Escalation Vulnerabilities
03.04.2008 : suPHP Two Race Condition and Privilege Escalation Vulnerabilities
18.03.2008 : fuzzylime (cms) "admindir" Parameter Remote File Inclusion Vulnerability
17.03.2008 : Debian Security Update Fixes Smarty PHP Code Injection Vulnerability
05.03.2008 : GROUP-E Collaboration Software Remote File Inclusion Vulnerability
18.02.2008 : PHPizabi Arbitrary File Upload Remote Code Execution Vulnerability
15.02.2008 : Slackware Security Update Fixes PHP Code Execution Vulnerabilities
31.01.2008 : Hal Networks Products Unspecified Cross Site Scripting Vulnerabilities
31.01.2008 : Connectix Boards "template_path" Remote File Inclusion Vulnerability
31.01.2008 : Smart Publisher "filedata" Parameter Remote Code Injection Vulnerability
30.01.2008 : SuSE Security Update Fixes PHP Security Bypass and Code Execution
29.01.2008 : Tiger Php News System "catid" Parameter SQL Injection Vulnerability
29.01.2008 : Seagull PHP Framework "files" Parameter File Disclosure Vulnerability
14.01.2008 : Drupal Multiple Cross Site Scripting and Request Forgery Vulnerabilities
09.01.2008 : OneCMS Remote SQL Injection and Arbitrary File Upload Vulnerabilities
08.01.2008 : PHP Security Update Fixes Multiple Integer Overflow and Security Bypass
07.01.2008 : SNETWORKS PHP CLASSIFIEDS "path_escape" Remote File Inclusion
27.12.2007 : PMOS Help Desk "form.php" Header Handling Code Injection Vulnerability
27.12.2007 : NmnNewsletter "output" Parameter Remote File Inclusion Vulnerability
13.12.2007 : ViArt Products "root_folder_path" Parameter File Inclusion Vulnerability
13.12.2007 : Fastpublish "config[fsBase]" Parameter PHP File Inclusion Vulnerability
04.12.2007 : Ubuntu Security Update Fixes PHP Buffer Overflow and Security Bypass
26.11.2007 : WorkingOnWeb "idevent" Parameter Remote SQL Injection Vulnerability
26.11.2007 : Mp3 ToolBox "skin_file" Parameter Remote File Inclusion Vulnerability
23.11.2007 : DevMass Shopping Cart "kfm_base_path" PHP File Inclusion Vulnerability
22.11.2007 : TalkBack Multiple Parameter Remote PHP File Inclusion Vulnerabilities
20.11.2007 : rPath Linux Security Update Fixes PHP Multiple Function Vulnerabilities
19.11.2007 : meBiblio "action" Parameter Remote PHP File Inclusion Vulnerability
19.11.2007 : Carousel Flash Image Gallery for Joomla PHP File Inclusion Vulnerability
19.11.2007 : Datecomm Social Networking Script File Inclusion and SQL Injection
19.11.2007 : patBBCode "example" Parameter Remote PHP File Inclusion Vulnerability
14.11.2007 : Slackware Security Update Fixes PHP Multiple Function Vulnerabilities
12.11.2007 : PHP Multiple Function Buffer Overflow and Security Bypass Vulnerabilities
07.11.2007 : SiteBar Multiple Code Execution and Information Disclosure Vulnerabilities
06.11.2007 : nuBoard "site" Parameter Handling Remote File Inclusion Vulnerability
06.11.2007 : scWiki "pathdot" Parameter Handling Remote File Inclusion Vulnerability
06.11.2007 : GuppY "selskin" Parameter Local and Remote File Inclusion Vulnerability
06.11.2007 : SyndeoCMS "cmsdir" Parameter Remote PHP File Inclusion Vulnerability
06.11.2007 : Scribe "username" Parameter Remote Command Injection Vulnerability
06.11.2007 : BackUpWordPress "bkpwp_plugin_path" PHP File Inclusion Vulnerabilities
30.10.2007 : Light FMan PHP Unspecified Actions Security Vulnerabilities
29.10.2007 : CaupoShop Pro "action" Parameter Remote File Inclusion Vulnerability
29.10.2007 : Sige "SYS_PATH" Parameter Handling Remote File Inclusion Vulnerability
29.10.2007 : teatro "basePath" Parameter Handling Remote File Inclusion Vulnerability
29.10.2007 : Redhat Security Update Fixes PHP Buffer Overflow and Security Bypass
25.10.2007 : rPath Security Update Fixes PHP Buffer Overflow and Security Bypass
25.10.2007 : Redhat Security Update Fixes PHP Buffer Overflow and Security Bypass
23.10.2007 : PHP for Windows COM Objects Handling Security Bypass Vulnerability
15.10.2007 : KwsPHP "album" Parameter Processing SQL Query Injection Vulnerability
11.10.2007 : Knowledgeroot Knowledgebase FCKEditor PHP File Upload Vulnerability
11.10.2007 : FCKEditor Multiple File Extension Handling PHP File Upload Vulnerability
10.10.2007 : LiveAlbum "livealbum_dir" Parameter Remote File Inclusion Vulnerability
09.10.2007 : Flash Image Gallery for Joomla "mosConfig_live_site" File Inclusion Issue
09.10.2007 : IDMOS "site_absolute_path" Variable Remote File Inclusion Vulnerability
09.10.2007 : Picturesolution "path" Parameter Remote PHP File Inclusion Vulnerability
09.10.2007 : Crea-CMS "cfg[document_uri]" Remote PHP File Inclusion Vulnerabilities
09.10.2007 : Else If CMS Multiple File Inclusion and Cross Site Scripting Vulnerabilities
09.10.2007 : Panoramic Picture Viewer for Joomla Remote File Inclusion Vulnerability
09.10.2007 : xKiosk WEB "PEARPATH" Parameter Remote File Inclusion Vulnerability
09.10.2007 : PHP Homepage M "id" Parameter Remote SQL Query Injection Vulnerability
09.10.2007 : Gentoo Security Update Fixes PHP Buffer Overflow and Security Bypass
03.10.2007 : Poppawid "form" Parameter Handling Remote File Inclusion Vulnerability
03.10.2007 : Segue CMS "themesdir" Variable Remote PHP File Inclusion Vulnerability
02.10.2007 : phpbb-openid "openid_root_path" Remote PHP File Inclusion Vulnerability
02.10.2007 : Mx At A Glance for mxBB "mx_root_path" Remote File Inclusion Vulnerability
01.10.2007 : actSite "BaseCfg[BaseDir]" Parameter Remote File Inclusion Vulnerability
01.10.2007 : Xoops Uploader Class PHP4 Extension Arbitrary File Upload Vulnerability
01.10.2007 : PhFiTo "SRC_PATH" Parameter Handling Remote File Inclusion Vulnerability
01.10.2007 : Public Media Manager "indir" Parameter Remote File Inclusion Vulnerability
01.10.2007 : IntegraMOD Nederland(s) "phpbb_root_path" PHP File Inclusion Vulnerability
27.09.2007 : Redhat Security Update Fixes PHP Buffer Overflow and Security Bypass Issues
26.09.2007 : Fedora Security Update Fixes PHP Buffer Overflow and Security Bypass Issues
25.09.2007 : SK.LOG "SKIN_URL" Parameter Handling Remote File Inclusion Vulnerability
25.09.2007 : Helplink "file" Parameter Processing Remote File Inclusion Vulnerability
25.09.2007 : WordSmith "_path" Parameter Processing Remote File Inclusion Vulnerability
24.09.2007 : phpBB2 Plus "phpbb_root_path" Remote PHP File Inclusion Vulnerabilities
24.09.2007 : Mandriva Security Update Fixes PHP Buffer Overflow and Security Bypass
21.09.2007 : Redhat Security Update Fixes PHP Integer Overflow and Security Bypass
19.09.2007 : rPath Security Update Fixes PHP Buffer Overflow and Security Bypass Issues
17.09.2007 : PHP Webquest "id_actividad" Parameter Remote SQL Injection Vulnerability
17.09.2007 : phpFFL "PHPFFL_FILE_ROOT" Parameter PHP File Inclusion Vulnerabilities
17.09.2007 : Ajax File Browser "approot" Parameter Remote File Inclusion Vulnerability
17.09.2007 : Joomla!Radio for Joomla "mosConfig_live_site" File Inclusion Vulnerability
17.09.2007 : KwsPHP Jeuxflash Module "id" Parameter Remote SQL Injection Vulnerability
13.09.2007 : Restaurante Component for Joomla Arbitrary File Upload Vulnerability
11.09.2007 : phpMyTourney "functions_file" Parameter Remote File Inclusion Vulnerability
11.09.2007 : Lighttpd "mod_fastcgi" Headers Handling Remote Code Execution Vulnerability
07.09.2007 : PHP Object Framework "PHPOF_INCLUDE_PATH" File Inclusion Vulnerability
07.09.2007 : eNetman "page" Parameter Processing Remote File Inclusion Vulnerability
31.08.2007 : PHP Multiple Function and Extension Code Execution and Security Bypass Issues
29.08.2007 : SomeryC "skindir" Parameter Processing Remote File Inclusion Vulnerability
14.08.2007 : Php Blue Dragon CMS "vsDragonRootPath" Remote File Inclusion Vulnerability
10.08.2007 : Web News "config[root_ordner]" Parameter Remote File Inclusion Vulnerability
10.08.2007 : Bilder Galerie "config[root_ordner]" Parameter Remote File Inclusion Vulnerability
10.08.2007 : Gastebuch "config[root_ordner]" Parameter Remote File Inclusion Vulnerability
10.08.2007 : Bilder Uploader "config[root_ordner]" Parameter PHP File Inclusion Vulnerability
10.08.2007 : Shoutbox "root" Parameter Processing Remote PHP File Inclusion Vulnerability
10.08.2007 : Ncaster "adminfolder" Parameter Processing Remote File Inclusion Vulnerability
10.08.2007 : File Uploader "config[root_ordner]" Parameter PHP File Inclusion Vulnerability
08.08.2007 : PhpHostBot "svr_rootscript" Parameter Remote PHP File Inclusion Vulnerability
08.08.2007 : CreAr PHPNews "format_menue" Parameter Remote File Inclusion Vulnerability
08.08.2007 : FrontAccounting "path_to_root" Parameter Remote File Inclusion Vulnerability
01.08.2007 : Confixx Pro "thisdir" Parameter Processing Remote File Inclusion Vulnerability
30.07.2007 : Trustix Security Update Fixes Multiple Code Execution and Security Bypass Issues
23.07.2007 : RGameScript Pro "id" Parameter Processing Remote File Inclusion Vulnerability
23.07.2007 : Joomla "searchword" Parameter Processing Remote Code Injection Vulnerability
23.07.2007 : BBS E-Market Professional "p_mode" Parameter PHP File Inclusion Vulnerability
19.07.2007 : SupaNav Module for phpBB "phpbb_root_path" Remote File Inclusion Vulnerability
17.07.2007 : PHP "glob()" Function Arguments Processing Arbitrary Code Execution Vulnerability
13.07.2007 : SuSE Security Update Fixes PHP Buffer Overflow and Security Bypass Vulnerabilities
12.07.2007 : FlashBB "phpbb_root_path" Parameter Handling Remote File Inclusion Vulnerability
09.07.2007 : Debian Security Update Fixes PHP Multiple Remote Buffer Overflow Vulnerabilities
09.07.2007 : LimeSurvey "homedir" Parameter Handling Remote PHP File Inclusion Vulnerabilities
04.07.2007 : SuperCali PHP Event Calendar "o" Parameter Remote SQL Injection Vulnerability
02.07.2007 : PHP Director "id" Parameter Processing Remote SQL Query Injection Vulnerability
02.07.2007 : sPHPell "SpellIncPath" Parameter Handling Remote PHP File Inclusion Vulnerabilities
02.07.2007 : Ripe Wepsite Manager "level" Parameter Remote PHP File Inclusion Vulnerabilities
02.07.2007 : Wheatblog "wb_class_dir" File Inclusion and "login" SQL Query Injection Vulnerabilities
26.06.2007 : WordPress Security Update Fixes Code Execution and SQL Injection Vulnerabilities
26.06.2007 : dreamLog "upload.php" Arbitrary File Upload Remote Code Execution Vulnerability
26.06.2007 : B1G Bulletin Board "tfooter" Parameter Processing Remote File Inclusion Vulnerability
25.06.2007 : Dagger "dir_edge_lang" Parameter Processing Remote File Inclusion Vulnerability
25.06.2007 : Sun Board "sunPath" and "dir" Parameters Remote PHP File Inclusion Vulnerabilities
25.06.2007 : Powl "_POWL[installPath]" Parameter Processing Remote File Inclusion Vulnerability
22.06.2007 : SERWeb "_SERWEB[serwebdir]" Parameter Handling File Inclusion Vulnerability
19.06.2007 : PHP Hosting Biller "PHP_SELF" Variable Handling Cross Site Scripting Vulnerability
18.06.2007 : YourFreeScreamer "serverPath" Parameter Handling PHP File Inclusion Vulnerability
18.06.2007 : phpMyInventory "strIncludePrefix" Parameter Handling File Inclusion Vulnerability
15.06.2007 : PHP::HTML "htmlclass_path" Parameter Handling Remote File Inclusion Vulnerability
15.06.2007 : Sitellite CMS "FORUM[LIB]" Parameter Handling Remote File Inclusion Vulnerability
15.06.2007 : Cjay Content Module for Xoops "spaw_root" Parameter File Inclusion Vulnerability
15.06.2007 : XT-Conteudo Module for Xoops "spaw_root" Parameter File Inclusion Vulnerability
15.06.2007 : Tiny Content Module for Xoops "spaw_root" Parameter File Inclusion Vulnerability
14.06.2007 : Avaya Multiple Product PHP Buffer Overflow and Security Bypass Vulnerabilities
13.06.2007 : Horoscope Module for Xoops "xoopsConfig[root_path]" File Inclusion Vulnerability
13.06.2007 : PHP Real Estate Classifieds "loc" Parameter Remote PHP File Inclusion Vulnerability
12.06.2007 : Maran PHP Blog "id" Parameter Processing Cross Site Scripting Vulnerability
12.06.2007 : Link Request Contact Form File Extension Handling Arbitrary File Upload Vulnerability
06.06.2007 : PHP Live! Multiple Parameter Handling Client-Side Cross Site Scripting Vulnerabilities
05.06.2007 : PHP "php_chunk_split()" Long Arguments Processing Integer Overflow Vulnerability
04.06.2007 : iContent Module for XOOPS "spaw_root" Parameter Remote File Inclusion Vulnerability
04.06.2007 : OpenPKG Security Update Fixes PHP Integer Overflow and Security Bypass Issues
04.06.2007 : Slackware Security Update Fixes PHP Integer Overflow and Security Bypass Issues
01.06.2007 : PHP Multiple Function Remote Integer Overflow and Security Bypass Vulnerabilities
30.05.2007 : HP System Management Homepage Security Update Fixes Multiple PHP Vulnerabilities
30.05.2007 : CAPTCHA Plugin for Geeklog "_CONF[path]" Parameter File Inclusion Vulnerability
28.05.2007 : Mazen PHP Chat "basepath" Parameter Handling Remote File Inclusion Vulnerabilities
28.05.2007 : FlaP "pachtofile" Parameter Handling Remote PHP File Inclusion Vulnerabilities
28.05.2007 : OpenBASE "root_prefix" Parameter Handling Remote PHP File Inclusion Vulnerabilities
28.05.2007 : WebAvis "root" Parameter Handling Remote PHP File Inclusion Vulnerability
28.05.2007 : FirmWorx Multiple Parameter Handling Remote PHP File Inclusion Vulnerabilities
28.05.2007 : Gentoo Security Update Fixes PHP Buffer Overflow and Security Bypass Vulnerabilities
28.05.2007 : OpenPKG Security Update Fixes PHP Buffer Overflow and Security Bypass Vulnerabilities
23.05.2007 : SuSE Security Update Fixes PHP Buffer Overflow and Security Bypass Vulnerabilities
22.05.2007 : PHP GD Graphics Library "gdPngReadData()" PNG File Denial of Service Vulnerability
21.05.2007 : Debian Security Update Fixes PHP "ftp_putcmd()" Function Security Bypass Vulnerability
21.05.2007 : OlBookmarks "root" Parameter Handling Remote PHP File Inclusion Vulnerabilities
21.05.2007 : SunLight CMS "root" Parameter Handling Remote PHP File Inclusion Vulnerability
21.05.2007 : Libstats "rInfo[content]" Parameter Handling Remote PHP File Inclusion Vulnerability
21.05.2007 : Turbolinux Security Update Fixes PHP Code Execution and Security Bypass Vulnerabilities
17.05.2007 : Glossword "sys[path_addon]" Parameter Remote PHP File Inclusion Vulnerability
16.05.2007 : PHP SOAP Extension "make_http_soap_request()" Random Number Generation Weakness
16.05.2007 : Media Gallery for Geeklog "_MG_CONF[path_html]" Remote File Inclusion Vulnerability
16.05.2007 : Linksnet Newsfeed "dirpath_linksnet_newsfeed" Remote PHP File Inclusion Vulnerability
14.05.2007 : Fedora Security Update Fixes PHP Buffer Overflow and Security Bypass Vulnerabilities
14.05.2007 : Feindt News-Script "action" Parameter Handling Remote PHP File Inclusion Vulnerability
14.05.2007 : NagiosQL "SETS[path][physical]" and "SETS[path][IT]" PHP File Inclusion Vulnerability
14.05.2007 : PHP Advanced Transfer Manager "directory" and "filename" Directory Traversal Issue
14.05.2007 : Beacon "languagePath" Parameter Handling Remote PHP File Inclusion Vulnerability
14.05.2007 : YAAP "root_path" Parameter Handling Remote PHP File Inclusion Vulnerability
14.05.2007 : cjgExplorerPro "g_pcltar_lib_dir" Parameter Remote PHP File Inclusion Vulnerability
14.05.2007 : MonAlbum "admin_configuration.php" Script Arbitrary PHP Code Injection Vulnerability
11.05.2007 : Jimmac Original Photo Gallery "x[1]" Parameter Remote PHP File Inclusion Vulnerability
11.05.2007 : Mandriva Security Update Fixes PHP Buffer Overflow and Security Bypass Vulnerabilities
09.05.2007 : telltarget CMS "tt_docroot" Parameter Handling Remote PHP File Inclusion Vulnerabilities
09.05.2007 : AForum "CommonAbsDir" Parameter Handling Remote PHP File Inclusion Vulnerability
09.05.2007 : phpMyPortal "GLOBALS[CHEMINMODULES]" Parameter PHP File Inclusion Vulnerability
09.05.2007 : Miplex2 "system[smarty][dir]" Parameter Handling Remote File Inclusion Vulnerability
09.05.2007 : PHPLojaFacil "path_local" Parameter Handling Remote PHP File Inclusion Vulnerabilities
09.05.2007 : CGX "pathCGX" Parameter Processing Remote PHP File Inclusion Vulnerabilities
09.05.2007 : LaVague "views_path" Parameter Handling Remote PHP File Inclusion Vulnerability
09.05.2007 : Redhat Security Update Fixes PHP Buffer Overflow and Security Bypass Vulnerabilities
08.05.2007 : Slackware Security Update Fixes PHP Buffer Overflow and Security Bypass Vulnerabilities
07.05.2007 : Berylium "beryliumroot" Parameter Handling Remote PHP File Inclusion Vulnerability
07.05.2007 : DynamicPAD "HomeDir" Parameter Handling Remote PHP File Inclusion Vulnerabilities
07.05.2007 : Friendly "friendly_path" Parameter Handling Remote PHP File Inclusion Vulnerabilities
07.05.2007 : Wikivi5 "sous_rep" Parameter Handling Remote PHP File Inclusion Vulnerability
07.05.2007 : NoAh "tpls[1]" Parameter Handling Remote PHP File Inclusion Vulnerability
07.05.2007 : PHPtree "s_dir" Parameter Handling Remote PHP File Inclusion Vulnerability
07.05.2007 : Watermark for Gallery "GALLERY_BASEDIR" Remote PHP File Inclusion Vulnerability
07.05.2007 : PHP TopTree BBS "right_file" Parameter Handling Remote File Inclusion Vulnerability
07.05.2007 : Workbench "path" Parameter Handling Remote PHP File Inclusion Vulnerability
07.05.2007 : Versado CMS "urlModulo" Parameter Handling Remote PHP File Inclusion Vulnerability
07.05.2007 : E-GADS! "locale" Parameter Handling Remote PHP File Inclusion Vulnerability
04.05.2007 : PHP Multiple Function Remote Buffer Overflow and Security Bypass Vulnerabilities
04.05.2007 : Pre Classified Listings PHP "category" Parameter Remote SQL Injection Vulnerability
04.05.2007 : Php Coupon Script "bus" Parameter Handling Remote SQL Query Injection Vulnerability
04.05.2007 : Open Translation Engine "ote_home" Parameter Handling File Inclusion Vulnerability
04.05.2007 : phpChess Community Edition "Root_Path" Parameter PHP File Inclusion Vulnerabilities
03.05.2007 : Mx Faq and Rules for mxBB "module_root_path" Remote File Inclusion Vulnerability
02.05.2007 : myFlash Plugin for WordPress "wppath" Parameter Remote File Inclusion Vulnerability
02.05.2007 : wordTube Plugin for WordPress "wppath" Parameter Remote File Inclusion Vulnerability
02.05.2007 : WP-Table Plugin for WordPress "wppath" Parameter Remote File Inclusion Vulnerability
30.04.2007 : The Merchant "show" Parameter Handling Multiple Remote File Inclusion Vulnerability
30.04.2007 : TCExam "SessionUserLang" Cookie Parameter Arbitrary Code Injection Vulnerability
30.04.2007 : myGallery Plugin for Wordpress "myPath" Parameter Remote File Inclusion Vulnerability
30.04.2007 : Ubuntu Security Update Fixes PHP Code Execution and Security Bypass Vulnerabilities
27.04.2007 : burnCMS "root" Parameter Handling Multiple Remote PHP File Inclusion Vulnerabilities
27.04.2007 : PHP Band Manager "pg" Parameter Handling Remote PHP File Inclusion Vulnerability
27.04.2007 : FireFly "doc_root" and "DOCUMENT_ROOT" Parameters File Inclusion Vulnerabilities
25.04.2007 : Cisco Products PHP HTML Entity Encoder Remote Command Execution Vulnerability
25.04.2007 : Wavewoo "path_include" Parameter Handling Remote PHP File Inclusion Vulnerability
24.04.2007 : DMCMS "upload_file.php" Arbitrary File Upload Remote Code Execution Vulnerability
24.04.2007 : GPB "theme" and "root_path" Parameters Multiple Remote File Inclusion Vulnerabilities
24.04.2007 : Joomla "g_pcltar_lib_dir" Parameter Handling Remote PHP File Inclusion Vulnerability
24.04.2007 : ACVS WebServices "CheminInclude" Parameter Remote File Inclusion Vulnerability
23.04.2007 : WEBinsta FM Manager "absolute_path" Parameter Remote File Inclusion Vulnerability
23.04.2007 : Maran PHP Forum Multiple Parameter Handling Remote PHP Code Injection Vulnerabilities
20.04.2007 : Redhat Security Update Fixes PHP Buffer Overflow and Security Bypass Vulnerabilities
19.04.2007 : NuclearBB "root_path" Parameter Handling Remote PHP File Inclusion Vulnerability
18.04.2007 : Mandriva Security Update Fixes PHP Multiple Code Execution and DoS Vulnerabilities
18.04.2007 : rPath Security Update Fixes PHP Multiple Code Execution and DoS Vulnerabilities
18.04.2007 : Rezervi Generic "root" Parameter Handling Remote PHP File Inclusion Vulnerabilities
18.04.2007 : AimStats "process.php" Multiple Parameter Remote PHP Code Injection Vulnerabilities
18.04.2007 : Mozzers SubSystem "subname" and "suburl" Remote PHP Code Injection Vulnerability
18.04.2007 : jGallery "G_JGALL[inc_path]" Parameter Handling Remote File Inclusion Vulnerability
18.04.2007 : Fedora Security Update Fixes PHP Multiple Code Execution and DoS Vulnerabilities
18.04.2007 : ShoutPro "shout" Parameter Handling Remote PHP Command Injection Vulnerability
18.04.2007 : Cabron Connector "CabronServiceFolder" Parameter Remote File Inclusion Vulnerability
18.04.2007 : MiniGal "imagecomments()" Function Remote PHP Code Injection Vulnerability
18.04.2007 : JoomlaPack for Joomla "mosConfig_absolute_path" PHP File Inclusion Vulnerability
18.04.2007 : AjPortal "PagePrefix" Parameter Handling Remote PHP File Inclusion Vulnerabilities
18.04.2007 : Anthologia "ads_file" Parameter Handling Remote PHP File Inclusion Vulnerability
17.04.2007 : Tsdisplay4xoops "xoops_url" Parameter Handling Remote File Inclusion Vulnerability
17.04.2007 : StoreFront for Gallery "GALLERY_BASEDIR" Parameter PHP File Inclusion Vulnerabilities
16.04.2007 : Redhat Security Update Fixes PHP Multiple Buffer Overflow and DoS Vulnerabilities
16.04.2007 : PhpWiki "UpLoad" Feature File Extension Validation Security Bypass Vulnerability
16.04.2007 : WebSlider "path" Parameter Handling Remote PHP File Inclusion Vulnerabilities
16.04.2007 : Article for Joomla "absolute_path" Parameter Remote PHP File Inclusion Vulnerability
16.04.2007 : Limesoft Guestbook "name" and "message" Remote PHP Code Injection Vulnerability
16.04.2007 : AutoStand for Joomla "mosConfig_absolute_path" Remote File Inclusion Vulnerability
16.04.2007 : Pixaria Gallery "cfg[sys][base_path]" Parameter Remote PHP File Inclusion Vulnerability
16.04.2007 : Chatness Remote Information Disclosure and Arbitrary Code Execution Vulnerabilities
16.04.2007 : WebKalk2 "absolute_path" Parameter Handling Remote PHP File Inclusion Vulnerability
16.04.2007 : Shotcast Module for mxBB "mx_root_path" Parameter Remote File Inclusion Vulnerability
12.04.2007 : PunBB "redirect_url" and "cat_name" Parameters Handling Cross Site Scripting Issues
12.04.2007 : MOSMedia Lite for Mambo "mosConfig_absolute_path" PHP File Inclusion Vulnerabilities
12.04.2007 : Wetter Module for Mambo "absolute_path" Parameter Remote File Inclusion Vulnerability
12.04.2007 : CodeBreak "process_method" Parameter Handling Remote File Inclusion Vulnerability
12.04.2007 : TOSMO/Mambo "absolute_path" Parameter Remote PHP File Inclusion Vulnerabilities
12.04.2007 : zOOm Media Gallery for Mambo "mosConfig_absolute_path" File Inclusion Vulnerability
12.04.2007 : pL-PHP Multiple Parameter Remote SQL Injection and Local File Inclusion Vulnerabilities
11.04.2007 : SimpCMS Light "site" Parameter Handling Remote PHP File Inclusion Vulnerability
11.04.2007 : TaskHopper for Joomla "mosConfig_absolute_path" PHP File Inclusion Vulnerabilities
11.04.2007 : Crea-Book "pseudo" and "passe" Parameters Remote SQL Injection Vulnerabilities
11.04.2007 : Weatimages "ini[langpack]" Parameter Handling Remote File Inclusion Vulnerability
11.04.2007 : phpGalleryScript "include_class" Parameter Remote PHP File Inclusion Vulnerability
10.04.2007 : Pathos CMS "file" Parameter Handling Remote PHP File Inclusion Vulnerability
10.04.2007 : Song Request System "id" Parameter Handling Remote PHP File Inclusion Vulnerability
10.04.2007 : MyNews "myNewsConf[path][sys][index]" Parameter Remote File Inclusion Vulnerability
10.04.2007 : PHP121 "php121dir" Parameter Handling Remote PHP File Inclusion Vulnerability
10.04.2007 : Battle.net Clan Script for PHP "user" Parameter Remote SQL Injection Vulnerability
09.04.2007 : Scar4U ScarNews "sn_admin_dir" Parameter Remote PHP File Inclusion Vulnerability
09.04.2007 : MyBlog "id" and "scoreid" Parameters Handling Remote PHP File Inclusion Vulnerabilities
09.04.2007 : Scorp Book "config" Parameter Handling Remote PHP File Inclusion Vulnerability
06.04.2007 : Sisplet CMS "site_path" Parameter Handling Remote PHP File Inclusion Vulnerability
06.04.2007 : PHP-Generics "_APP_RELATIVE_PATH" Parameter PHP File Inclusion Vulnerabilities
06.04.2007 : webSPELL "id" and "file" Parameters Handling Arbitrary File Download Vulnerability
06.04.2007 : CodeWand phpBrowse "include_path" Parameter Remote File Inclusion Vulnerability
05.04.2007 : PHP GD Graphics Library Extension WBMP Image Handling Integer Overflow Vulnerability
05.04.2007 : Kuato Mutant "phpbb_root_path" Parameter Handling Remote File Inclusion Vulnerability
05.04.2007 : AROUNDMe Multiple Parameter Handling Remote PHP File Inclusion Vulnerabilities
05.04.2007 : MySpeach "my_ms[root]" Parameter Handling Remote PHP File Inclusion Vulnerability
04.04.2007 : MyBB "HTTP_CLIENT_IP" Header Processing Remote SQL Query Injection Vulnerability
03.04.2007 : MapLab "gszAppPath" Parameter Handling Remote PHP File Inclusion Vulnerability
02.04.2007 : Really Simple PHP and Ajax (RSPA) Multiple Parameter File Inclusion Vulnerabilities
02.04.2007 : BT-Sondage "repertoire_visiteur" Parameter Remote PHP File Inclusion Vulnerability
02.04.2007 : Advanced Login "root" Parameter Handling Remote PHP File Inclusion Vulnerability
29.03.2007 : CodeBB "phpbb_root_path" Parameter Handling Remote PHP File Inclusion Vulnerability
29.03.2007 : MangoBery "Site_Path" Parameter Handling Remote PHP File Inclusion Vulnerabilities
28.03.2007 : Ay System Web Content System "path[JavascriptEdit]" PHP File Inclusion Vulnerability
28.03.2007 : Eve-Nuke Forums "phpbb_root_path" Parameter Remote PHP File Inclusion Vulnerability
27.03.2007 : C-Arbre "root_path" Parameter Handling Multiple Remote PHP File Inclusion Vulnerabilities
27.03.2007 : IceBB Avatar Handling Remote SQL Injection and Arbitrary File Upload Vulnerabilities
26.03.2007 : ttCMS "lib_path" Parameter Handling Remote PHP File Inclusion Vulnerability
26.03.2007 : Philex Multiple Parameter PHP File Inclusion and Arbitrary File Disclosure Vulnerabilities
23.03.2007 : LAN Management System Multiple Parameter Remote PHP File Inclusion Vulnerability
23.03.2007 : ClassWeb "BASE" Parameter Handling Multiple Remote PHP File Inclusion Vulnerabilities
22.03.2007 : Digital Eye CMS "menu" Parameter Handling Remote PHP File Inclusion Vulnerability
21.03.2007 : Turbolinux Security Update Fixes PHP Buffer Overflow and Security Bypass Vulnerabilities
21.03.2007 : Gentoo Security Update Fixes PHP Buffer Overflow and Security Bypass Vulnerabilities
19.03.2007 : Active PHP Bookmark Notes "APB_SETTINGS[template_path]" Inclusion Vulnerability
19.03.2007 : PHP DB Designer Multiple Parameter Handling Remote File Inclusion Vulnerabilities
19.03.2007 : CcMail "functions_dir" Parameter Handling Remote PHP File Inclusion Vulnerability
19.03.2007 : GroupIT "c_basepath" Parameter Handling Remote PHP File Inclusion Vulnerabilities
19.03.2007 : GraFX Company WebSite Builder "INCLUDE_PATH" Remote File Inclusion Vulnerability
16.03.2007 : PHP "array_user_key_compare()" and "isc_attach_database()" Local Vulnerabilities
16.03.2007 : Dayfox Blog "cat" Parameter Handling Remote PHP Command Injection Vulnerability
16.03.2007 : SuSE Security Update Fixes PHP Buffer Overflow and Security Bypass Vulnerabilities
15.03.2007 : PHP "session_regenerate_id()" and "php_session_initialize()" Double Free Vulnerabilities
14.03.2007 : GestArt "aide" Parameter Handling Remote PHP File Inclusion Vulnerability
14.03.2007 : MySQL Commander "home" Parameter Handling Remote File Inclusion Vulnerability
14.03.2007 : Radical Designs AMP "base_path" Parameter Remote PHP File Inclusion Vulnerability
14.03.2007 : CARE2X "root_path" Parameter Handling Remote PHP File Inclusion Vulnerabilities
14.03.2007 : WebCreator "moddir" Parameter Handling Remote PHP File Inclusion Vulnerabilities
13.03.2007 : Open Educational System Multiple Parameter Remote PHP File Inclusion Vulnerabilities
13.03.2007 : PHP Labs JobSitePro "salary" Parameter Handling Remote SQL Injection Vulnerability
12.03.2007 : WORK System E-commerce "g_include" Parameter Remote File Inclusion Vulnerability
12.03.2007 : JCcorp URLshrink "formurl" Parameter Handling Remote PHP File Inclusion Vulnerability
12.03.2007 : Trustix Security Update Fixes GnuPG and Multiple PHP Security Bypass Vulnerabilities
09.03.2007 : Web Organizer "baseDir" Parameter Handling Remote PHP File Inclusion Vulnerability
09.03.2007 : GeoSoft Magic CMS "file" Parameter Handling Remote PHP File Inclusion Vulnerability
09.03.2007 : PostGuestbook Module for PostNuke "tpl_pgb_moddir" PHP File Inclusion Vulnerability
08.03.2007 : Flat Chat "name" Parameter Handling Remote PHP Command Injection Vulnerability
08.03.2007 : PHP MSSQL Extension "mssql_connect()" and "mssql_pconnect()" Buffer Overflow Issue
07.03.2007 : WebCalendar "noSet" Parameter Handling Arbitrary Variable Overwrite Vulnerability
06.03.2007 : Zend Platform "scd.sh" and "ini_modifier" Security Bypass and Privilege Escalation Issues
05.03.2007 : aWebNews "path_to_news" Parameter Handling Remote PHP File Inclusion Vulnerability
01.03.2007 : Wiclear "onAttachFiles()" Function Filename Handling Arbitrary File Upload Vulnerability
01.03.2007 : PHP Multiple Restrictions Security Bypass and Denial of Service Vulnerabilities
28.02.2007 : PhpForums Admin Phorum "include_path" Parameter Remote File Inclusion Vulnerability
28.02.2007 : rPath Security Update Fixes PHP Buffer Overflow and Security Bypass Vulnerabilities
28.02.2007 : Turbolinux Security Update Fixes PHP GD Library Remote Buffer Overflow Vulnerability
27.02.2007 : STWC-Counter "stwc_counter_verzeichniss" Parameter PHP File Inclusion Vulnerability
26.02.2007 : Sinapis Forum "fuss" Parameter Handling Remote PHP File Inclusion Vulnerability
26.02.2007 : Sinapis Gastebuch "fuss" Parameter Handling Remote PHP File Inclusion Vulnerability
26.02.2007 : FCRing "s_fuss" Parameter Handling Remote PHP File Inclusion Vulnerability
26.02.2007 : NoMoKeTo Module for phpBB "phpbb_root_path" Remote File Inclusion Vulnerability
26.02.2007 : CS-Gallery "album" Parameter Handling Remote PHP File Inclusion Vulnerability
26.02.2007 : Extreme phpBB "phpbb_root_path" Parameter Handling PHP File Inclusion Vulnerability
26.02.2007 : PHP Module Implementation Project "laypath" Parameter PHP File Inclusion Vulnerability
26.02.2007 : OpenPKG Security Update Fixes PHP Buffer Overflow and Security Bypass Vulnerabilities
26.02.2007 : Slackware Security Update Fixes PHP Buffer Overflow and Security Bypass Vulnerabilities
26.02.2007 : Mandriva Security Update Fixes PHP Buffer Overflow and Security Bypass Vulnerabilities
23.02.2007 : ZPanel "body" and "page" Parameters Handling Remote PHP File Inclusion Vulnerability
23.02.2007 : eFiction "path_to_smf" Parameter Handling Remote PHP File Inclusion Vulnerability
23.02.2007 : FlashGameScript "func" Parameter Handling Remote PHP File Inclusion Vulnerability
22.02.2007 : DBGuestbook "dbs_base_path" Parameter Remote PHP File Inclusion Vulnerabilities
21.02.2007 : Fedora Security Update Fixes PHP Buffer Overflow and Security Bypass Vulnerabilities
21.02.2007 : Ubuntu Security Update Fixes PHP Buffer Overflow and Security Bypass Vulnerabilities
21.02.2007 : Ultimate Fun Board "gbpfad" Parameter Handling Remote File Inclusion Vulnerability
21.02.2007 : SendStudio "ROOTDIR" Parameter Handling Remote PHP File Inclusion Vulnerability
20.02.2007 : Redhat Security Update Fixes PHP Buffer Overflow and Security Bypass Vulnerabilities
19.02.2007 : VS-Link-Partner "script_pfad" Parameter Handling Remote File Inclusion Vulnerability
19.02.2007 : VS-News-System "newsordner" Parameter Handling Remote File Inclusion Vulnerability
19.02.2007 : VS-Gastebuch "gb_pfad" Parameter Handling Remote PHP File Inclusion Vulnerability
19.02.2007 : Htaccess Passwort Generator "ht_pfad" Parameter Remote File Inclusion Vulnerability
15.02.2007 : ZebraFeeds "zf_path" Parameter Handling Remote PHP File Inclusion Vulnerabilities
14.02.2007 : AT Contenator "Root_To_Script" Parameter Handling Remote File Inclusion Vulnerability
14.02.2007 : DropBox "extract()" PHP Function Multiple Remote Variable Overwrite Vulnerabilities
12.02.2007 : ApacheStats "extract()" PHP Function Multiple Remote Variable Overwrite Vulnerabilities
12.02.2007 : TagIt! Tagboard Multiple Parameter Handling Remote PHP File Inclusion Vulnerabilities
12.02.2007 : Seitenschutz Plugin for OPENi-CMS "config[oi_dir]" Remote File Inclusion Vulnerability
09.02.2007 : PHP Multiple Function and Extension Buffer Overflow and Security Bypass Vulnerabilities
09.02.2007 : Site-Assistant "paths[version]" Parameter Handling Remote File Inclusion Vulnerability
09.02.2007 : Maian Recipe "path_to_folder" Parameter Handling Remote File Inclusion Vulnerability
09.02.2007 : WebMatic "P_LIB" and "P_INDEX" Parameters Remote PHP File Inclusion Vulnerabilities
07.02.2007 : MySQLNewsEngine "newsenginedir" Parameter Remote File Inclusion Vulnerability
07.02.2007 : AgerMenu "rootdir" Parameter Handling Remote PHP File Inclusion Vulnerability
07.02.2007 : LightRO CMS "dateien[news]" Parameter Handling Remote File Inclusion Vulnerability
07.02.2007 : Mandriva Security Update Fixes PHP Security Bypass and GD Buffer Overflow Issues
06.02.2007 : SMA-DB "pfad_z" Parameter Handling Remote PHP File Inclusion Vulnerability
06.02.2007 : Categories hierarchy for phpBB "phpbb_root_path" Remote File Inclusion Vulnerability
06.02.2007 : GGCMS "subpageContent" and "subpageName" Remote Code Execution Vulnerability
05.02.2007 : DreamStats "rootpath" Parameter Handling Remote PHP File Inclusion Vulnerability
05.02.2007 : Flipsource Flip "inc_path" Parameter Handling Remote PHP File Inclusion Vulnerability
05.02.2007 : ezConvert "ezconvert_dir" Parameter Handling Remote PHP File Inclusion Vulnerability
05.02.2007 : phpBB++ "phpbb_root_path" Parameter Handling Remote File Inclusion Vulnerability
02.02.2007 : phpEventMan "level" Parameter Handling Remote PHP File Inclusion Vulnerabilities
02.02.2007 : Epistemon "inc_path" Parameter Handling Remote PHP File Inclusion Vulnerability
02.02.2007 : WebBuilder "GLOBALS[core][module_path]" Parameter PHP File Inclusion Vulnerability
02.02.2007 : Portail Web Php "site_path" Parameter Handling Remote File Inclusion Vulnerability
01.02.2007 : Phpbb Tweaked "phpbb_root_path" Parameter Remote PHP File Inclusion Vulnerability
01.02.2007 : Hailboards "phpbb_root_path" Parameter Remote PHP File Inclusion Vulnerability
01.02.2007 : Cadre "GLOBALS[config][framework_path]" Remote PHP File Inclusion Vulnerability
01.02.2007 : PHPMyRing "fichier" Parameter Handling Remote PHP File Inclusion Vulnerability
01.02.2007 : JV2 Folder Gallery "galleryfilesdir" Parameter Remote PHP File Inclusion Vulnerability
01.02.2007 : Omegaboard "phpbb_root_path" Parameter Remote PHP File Inclusion Vulnerability
01.02.2007 : Cerulean Portal System "phpbb_root_path" Parameter Remote File Inclusion Vulnerability
31.01.2007 : EncapsCMS "config[path]" Parameter Handling Remote File Inclusion Vulnerability
31.01.2007 : MyNews "myNewsConf[path][sys][index]" Parameter Remote File Inclusion Vulnerability
31.01.2007 : phpBB2-MODificat "phpbb_root_path" Parameter Remote File Inclusion Vulnerability
29.01.2007 : EclipseBB "phpbb_root_path" Parameter Handling Remote File Inclusion Vulnerability
29.01.2007 : Foro Domus "sesion_idioma" Parameter Handling Remote File Inclusion Vulnerability
29.01.2007 : PhP Generic Library and Framework for Comm "include_path" File Inclusion Vulnerability
29.01.2007 : nsGalPHP "racineTBS" Parameter Handling Remote PHP File Inclusion Vulnerability
29.01.2007 : ACGVclick "path" Parameter Handling Remote PHP File Inclusion Vulnerability
29.01.2007 : Drunken:Golem Gaming Portal "root_path" Parameter Remote File Inclusion Vulnerability
29.01.2007 : Xt-Stats "server_base_dir" Parameter Handling Remote PHP File Inclusion Vulnerability
29.01.2007 : phpMyReports "cfgPathModule" Parameter Remote PHP File Inclusion Vulnerability
29.01.2007 : MyPHPCommander "gl_root" Parameter Handling Remote File Inclusion Vulnerability
29.01.2007 : AINS "ains_path" Parameter Handling Remote PHP File Inclusion Vulnerability
26.01.2007 : Virtual Path for phpBB "phpbb_root_path" Parameter Remote File Inclusion Vulnerability
25.01.2007 : RPW "sql_language" Parameter Handling Remote PHP File Inclusion Vulnerability
25.01.2007 : Inter7 vHostAdmin "MODULES_DIR" Parameter Remote PHP File Inclusion Vulnerability
24.01.2007 : FreeWebshop.org "lang_file" Parameter Handling Remote File Inclusion Vulnerability
24.01.2007 : BBClone "BBC_LIB_PATH" Parameter Handling Remote File Inclusion Vulnerability
24.01.2007 : Project and Project Issue Tracking for Drupal Multiple Security Bypass Vulnerabilities
24.01.2007 : phpXD "path" Parameter Handling Multiple Remote PHP File Inclusion Vulnerabilities
23.01.2007 : Vote! Pro "poll_id" Parameter Handling Remote PHP Code Injection Vulnerability
23.01.2007 : VisoHotlink "mosConfig_absolute_path" Parameter Remote File Inclusion Vulnerability
22.01.2007 : Mafia Scum Tools "gen" Parameter Handling Remote PHP File Inclusion Vulnerability
22.01.2007 : MySpeach "my_ms[root]" Parameter Handling Remote PHP File Inclusion Vulnerability
22.01.2007 : Neon Labs Website "g_strRootDir" Parameter Handling Remote File Inclusion Vulnerability
22.01.2007 : phpIndexPage "env[inc_path]" Parameter Handling Remote File Inclusion Vulnerability
22.01.2007 : ComVironment "inc_dir" Parameter Handling Remote PHP File Inclusion Vulnerability
22.01.2007 : Upload-Service "maindir" Parameter Handling Remote PHP File Inclusion Vulnerability
22.01.2007 : Bradabra "include_path" Parameter Handling Remote PHP File Inclusion Vulnerability
22.01.2007 : PhpSherpa "racine" Parameter Handling Remote PHP File Inclusion Vulnerability
18.01.2007 : PHPMyphorum "chem" Parameter Handling Remote PHP File Inclusion Vulnerability
18.01.2007 : Uberghey CMS "setup_folder" Parameter Handling Remote File Inclusion Vulnerability
18.01.2007 : Oreon "file" Parameter Handling Remote PHP File Inclusion Vulnerability
15.01.2007 : FdWeB Espace Membres "path" Parameter Handling Remote File Inclusion Vulnerability
15.01.2007 : LunarPoll "PollDir" Parameter Handling Remote PHP File Inclusion Vulnerability
15.01.2007 : TLM CMS "chemin" Parameter Handling Remote PHP File Inclusion Vulnerability
15.01.2007 : Poplar Gedcom Viewer "env[rootPath]" Parameter Remote File Inclusion Vulnerability
12.01.2007 : Edit-X ECOMMERCE "include_dir" Parameter Remote PHP File Inclusion Vulnerability
11.01.2007 : Magic Photo Storage "_config[site_path]" Parameter Remote File Inclusion Vulnerability
09.01.2007 : Axiom Photo Gallery "baseAxiomPath" Parameter Remote File Inclusion Vulnerability
08.01.2007 : phpMyFAQ Unspecified Parameter Remote SQL Injection and File Upload Vulnerabilities
06.01.2007 : WordPress Trackback Charset SQL Injection and Admin Cross Site Scripting Vulnerabilities
05.01.2007 : Aratix "current_path" Parameter Handling Remote PHP File Inclusion Vulnerability
02.01.2007 : MDForum "PNSVlang" Cookie Parameter Handling Local File Inclusion Vulnerability
02.01.2007 : STphp EasyNews PRO "data/users.txt" Remote Information Disclosure Vulnerability
02.01.2007 : IMGallery "users_adm/start1.php" Extension Handling Arbitrary File Upload Vulnerability
29.12.2006 : WebText CMS "im" Parameter Handling Remote PHP Command Injection Vulnerability
27.12.2006 : Yrch! "path" Parameter Handling Remote PHP File Inclusion Vulnerability
27.12.2006 : Bubla "bu_config[dir]" and "bu_dir" Parameters Remote PHP File Inclusion Vulnerabilities
27.12.2006 : Event Calendar for Limbo CMS "lm_absolute_path" Remote File Inclusion Vulnerability
27.12.2006 : Character Roster for Shadowed Portal "mod_root" Remote File Inclusion Vulnerability
27.12.2006 : Okul Merkezi Portal "page" Parameter Handling Remote PHP File Inclusion Vulnerability
27.12.2006 : PhpbbXtra "phpbb_root_path" Parameter Handling Remote File Inclusion Vulnerability
27.12.2006 : MTCMS "ins_file" Parameter Handling Remote PHP File Inclusion Vulnerability
27.12.2006 : Ultimate PHP Board "username" Parameter Handling Command Injection Vulnerability
27.12.2006 : Ciberia Content Federator "path" Parameter Handling Remote File Inclusion Vulnerability
27.12.2006 : Irokez CMS Multiple Parameter Handling Remote PHP File Inclusion Vulnerabilities
27.12.2006 : Jinzora "include_path" Parameter Handling Remote PHP File Inclusion Vulnerabilities
26.12.2006 : Pagetool "ptconf[src]" Parameter Handling Remote PHP File Inclusion Vulnerability
26.12.2006 : SH-News "news_cfg[path]" Parameter Handling Remote PHP File Inclusion Vulnerability
26.12.2006 : KISGB "default_path_for_themes" Parameter Handling Remote File Inclusion Vulnerability
22.12.2006 : Inertianews Multiple Parameter Handling Remote PHP File Inclusion Vulnerabilities
21.12.2006 : PowerClan "settings[footer]" Parameter Handling Remote PHP File Inclusion Vulnerability
21.12.2006 : Newxooper-php "chemin" Parameter Handling Remote PHP File Inclusion Vulnerabilities
21.12.2006 : PgmReloaded Multiple Parameter Handling Remote PHP File Inclusion Vulnerabilities
21.12.2006 : Valdersoft Shopping Cart "commonIncludePath" Remote PHP File Inclusion Vulnerabilities
21.12.2006 : TextSend Multiple Parameter Remote File Inclusion and Cross Site Scripting Vulnerabilities
20.12.2006 : PHP-Update "extract()" Function Multiple Remote Code and SQL Injection Vulnerabilities
20.12.2006 : phpProfiles Multiple Parameter Handling Remote PHP File Inclusion Vulnerabilities
20.12.2006 : Paristemi "SERVER_DIRECTORY" Parameter Remote PHP File Inclusion Vulnerability
20.12.2006 : cwmVote "abs" Parameter Handling Remote PHP File Inclusion Vulnerability
20.12.2006 : cwmCounter "path" Parameter Handling Remote PHP File Inclusion Vulnerability
19.12.2006 : Azucar CMS "_VIEW" Parameter Handling Remote PHP File Inclusion Vulnerability
19.12.2006 : RateMe "pathtoscript" Parameter Handling Remote PHP File Inclusion Vulnerability
17.12.2006 : eXtreme Fusion "settings[locale]" Parameter Handling Local File Inclusion Vulnerability
17.12.2006 : Charts Module for mxBB "module_root_path" Remote PHP File Inclusion Vulnerability
17.12.2006 : Meeting Module for mxBB "module_root_path" Remote PHP File Inclusion Vulnerability
17.12.2006 : PhpMyCms "basepath" Parameter Handling Remote PHP File Inclusion Vulnerability
13.12.2006 : BLOG:CMS "DIR_ADMIN" Parameter Handling Remote PHP File Inclusion Vulnerability
13.12.2006 : phpMiX Modsdb for mxBB "module_root_path" Remote PHP File Inclusion Vulnerability
13.12.2006 : Knowledge Base for mxBB "module_root_path" Remote PHP File Inclusion Vulnerability
13.12.2006 : Newssuite Module for mxBB "module_root_path" Remote PHP File Inclusion Vulnerability
13.12.2006 : dadaIMC "FilesMatch" Directive Multiple File Handling Command Execution Vulnerability
12.12.2006 : Redhat Security Update Fixes PHP Security Bypass and Code Execution Issues
11.12.2006 : Barman "basepath" Parameter Handling Remote PHP File Inclusion Vulnerability
11.12.2006 : b2evolution "inc_path" Parameter Handling Remote PHP File Inclusion Vulnerability
09.12.2006 : CM68News Remote PHP File Inclusion and Client-Side Cross Site Scripting Vulnerabilities
08.12.2006 : ThinkEdit "template_file" Parameter Handling Remote PHP File Inclusion Vulnerability
05.12.2006 : Aj-fork for CuteNews "cutepath" Parameter Remote PHP File Inclusion Vulnerability
04.12.2006 : Upload Progress Meter Extension for PHP Remote Command Execution Vulnerability
04.12.2006 : Awrate "toroot" Parameter Handling Remote PHP File Inclusion Vulnerabilities
04.12.2006 : PHP Upload Center "footerpage" and "language" PHP File Inclusion Vulnerabilities
02.12.2006 : deV!Lz Clanportal Multiple Remote SQL Injection and Arbitrary File Upload Vulnerabilities
30.11.2006 : Campware Campsite "g_documentRoot" Parameter PHP File Inclusion Vulnerabilities
29.11.2006 : P-News Arbitrary PHP File Upload and Remote Information Disclosure Vulnerabilities
28.11.2006 : Symantec Veritas NetBackup PureDisk PHP Remote Code Execution Vulnerability
24.11.2006 : Site News "page" Parameter Handling Remote PHP File Inclusion Vulnerability
22.11.2006 : e-Ark "cfg_pear_path" Parameter Handling Remote PHP File Inclusion Vulnerability
22.11.2006 : Photo Cart "admin_folder" and "path" Parameters PHP File Inclusion Vulnerabilities
20.11.2006 : PHP Easy Download Multiple Parameter Remote Code Execution Vulnerabilities
20.11.2006 : Oliver "conf[motdfile]" Parameter Handling Remote PHP File Inclusion Vulnerability
20.11.2006 : PHPQuickGallery "textFile" Parameter Handling PHP File Inclusion Vulnerability
20.11.2006 : phpWebThings "editor_insert_bottom" Parameter PHP File Inclusion Vulnerability
20.11.2006 : Turbolinux Security Update Fixes PHP Security Bypass and Code Execution Issues
17.11.2006 : Hot Links SQL "dlback.php" and "dlback.cgi" Information Disclosure Vulnerability
17.11.2006 : PHP Upload Tool Remote File Upload and Information Disclosure Vulnerabilities
16.11.2006 : SuSE Security Update Fixes PHP Remote Command Execution Vulnerabilities
15.11.2006 : Dotdeb PHP "PATH_INFO" Handling Remote Email Header Injection Vulnerability
15.11.2006 : phpPeanuts "Include" Parameter Handling Remote PHP File Inclusion Vulnerability
14.11.2006 : Aigaion "DIR" Parameter Handling Remote PHP File Inclusion Vulnerabilities
14.11.2006 : Simple PHP Forum "username" Parameter Remote SQL Injection vulnerabilities
13.11.2006 : EncapsCMS "root" Parameter Handling Remote PHP File Inclusion Vulnerability
10.11.2006 : CyberBrau "path" Parameter Handling Remote PHP File Inclusion Vulnerabilities
10.11.2006 : LetterIt "lang" Parameter Handling Remote PHP File Inclusion Vulnerability
10.11.2006 : MyAlbum "langs_dir" Parameter Handling Remote PHP File Inclusion Vulnerability
09.11.2006 : SpeedyWiki Arbitrary PHP File Upload And Cross Site Scripting Vulnerabilities
09.11.2006 : GreenBeast CMS Authentication Bypass and Remote File Upload Vulnerabilities
09.11.2006 : PHPAdventure "_mygamefile" Parameter Remote PHP File Inclusion Vulnerability
08.11.2006 : PHP Classifieds "user_id" Parameter Handling Remote SQL Injection Vulnerability
07.11.2006 : Advanced Guestbook "include_path" Parameter PHP File Inclusion Vulnerability
07.11.2006 : OpenEMR "srcdir" Parameter Handling Remote PHP File Inclusion Vulnerabilities
07.11.2006 : iWare Professional "PostMessage()" Remote Command Injection Vulnerability
07.11.2006 : Redhat Security Update Fixes PHP Remote Command Execution Vulnerabilities
07.11.2006 : Fedora Security Update Fixes PHP Remote Command Execution Vulnerabilities
07.11.2006 : Debian Security Update Fixes PHP Code Execution and Security Bypass Issues
06.11.2006 : Cyberfolio "av" Parameter Handling Remote PHP File Inclusion Vulnerabilities
06.11.2006 : MODx "base_path" Parameter Handling Remote PHP File Inclusion Vulnerability
06.11.2006 : Drake CMS "d_root" Variable Handling Remote PHP File Inclusion Vulnerabilities
06.11.2006 : phpDynaSite "racine" Variable Handling Remote PHP File Inclusion Vulnerabilities
06.11.2006 : SazCart "_saz[settings][shippingfolder]" Parameter PHP File Inclusion Vulnerability
06.11.2006 : OpenPKG Security Update Fixes PHP Remote Command Execution Vulnerabilities
04.11.2006 : Slackware Security Update Fixes PHP Remote Command Execution Vulnerabilities
03.11.2006 : Mandriva Security Update Fixes PHP Remote Command Execution Vulnerabilities
03.11.2006 : Ubuntu Security Update Fixes PHP Remote Command Execution Vulnerabilities
03.11.2006 : HP System Management Homepage Multiple PHP Code Execution Vulnerabilities
03.11.2006 : PHP Remote Command Execution and Multiple Security Bypass Vulnerabilities
01.11.2006 : P-Book "pb_lang" Parameter Handling Remote PHP File Inclusion Vulnerabilities
31.10.2006 : Gentoo Security Update Fixes PHP "ecalloc()" Remote Integer Overflow Vulnerability
30.10.2006 : QnECMS "adminfolderpath" Parameter Handling PHP File Inclusion Vulnerabilities
30.10.2006 : PunBB Multiple Remote SQL Injection and Local File Inclusion Vulnerabilities
29.10.2006 : MP3 Streaming DownSampler for PHP "fullpath" Remote File Inclusion Vulnerability
29.10.2006 : N/X WCMS "c[path]" Parameter Handling Remote PHP File Inclusion Vulnerability
29.10.2006 : miniBB "pathToFiles" Parameter Handling Remote PHP File Inclusion Vulnerability
26.10.2006 : Multi-Page Comment System "path" Parameter PHP File Inclusion Vulnerabilities
26.10.2006 : ask_rave "footfile" Parameter Handling Remote PHP File Inclusion Vulnerability
25.10.2006 : Ascended Guestbook "CONFIG[path]" Parameter PHP File Inclusion Vulnerability
25.10.2006 : Net_DNS "phpdns_basedir" Parameter Handling PHP File Inclusion Vulnerability
25.10.2006 : OTSCMS Multiple Parameter Handling Remote PHP File Inclusion Vulnerabilities
25.10.2006 : Intelimen InteliEditor "sys_path" Parameter Remote PHP File Inclusion Vulnerability
24.10.2006 : Wiclear "path" Parameter Handling Remote PHP File Inclusion Vulnerabilities
24.10.2006 : Fully Modded phpBB Multiple Parameter Handling PHP File Inclusion Vulnerabilities
23.10.2006 : Virtual Law Office "phpc_root_path" Parameter PHP File Inclusion Vulnerabilities
23.10.2006 : castor "rootpath" Parameter Handling Remote PHP File Inclusion Vulnerabilities
20.10.2006 : pandaBB "adminpath" and "basepath" Remote PHP File Inclusion Vulnerabilities
20.10.2006 : Fedora Security Update Fixes PHP Multiple Buffer and Integer Overflow Issues
19.10.2006 : phpPowerCards "txt.inc.php" Multiple Parameter PHP Code Injection Vulnerability
19.10.2006 : Comdev Forum "path[docroot]" Variable Remote PHP File Inclusion Vulnerability
18.10.2006 : Php AMX "plug_path" Parameter Handling Remote File Inclusion Vulnerability
18.10.2006 : Brim "renderer" Parameter Handling Remote PHP File Inclusion Vulnerabilities
18.10.2006 : Lodel "home" Parameter Handling Remote PHP File Inclusion Vulnerability
18.10.2006 : Mandriva Security Update Fixes PHP Multiple Restrictions Bypass Vulnerabilities
18.10.2006 : OpenPKG Security Update Fixes PHP Security Bypass and Integer Overflow Issues
17.10.2006 : PHPmybibli Multiple Parameter Handling Remote PHP File Inclusion Vulnerabilities
16.10.2006 : CDS Agenda "AGE" Parameter Handling Remote PHP File Inclusion Vulnerability
16.10.2006 : IncCMS Core "inc_dir" Parameter Handling Remote PHP File Inclusion Vulnerability
16.10.2006 : phpMyConference "lvc_include_path" Parameter PHP File Inclusion Vulnerability
13.10.2006 : Softerra PHP Developer Library "lib_dir" Variable PHP File Inclusion Vulnerabilities
13.10.2006 : Download-Engine "spaw_root" Parameter Handling PHP File Inclusion Vulnerability
12.10.2006 : n@board "skin" Parameter Handling Remote PHP File Inclusion Vulnerability
12.10.2006 : Minichat "mostrar" Parameter Handling Remote PHP File Inclusion Vulnerability
12.10.2006 : PHP News Reader "CFG[auth_phpbb_path]" Variable File Inclusion Vulnerability
12.10.2006 : Leicestershire Community Portals "cp_root_path" PHP File Inclusion Vulnerability
11.10.2006 : JASmine "section" Parameter Handling Remote PHP File Inclusion Vulnerability
11.10.2006 : Softerra PHPLibrary "lib_dir" Parameter Handling PHP File Inclusion Vulnerabilities
11.10.2006 : Ubuntu Security Update Fixes PHP Security Bypass and Integer Overflow Issues
11.10.2006 : SuSE Security Update Fixes PHP "ecalloc()" Remote Integer Overflow Vulnerability
10.10.2006 : OpenDock Easy Doc "doc_directory" Parameter PHP File Inclusion Vulnerabilities
10.10.2006 : OpenDock Easy Blog "doc_directory" Parameter PHP File Inclusion Vulnerabilities
09.10.2006 : FreeForum "fpath" Parameter Handling Remote PHP File Inclusion Vulnerability
06.10.2006 : Trustix Security Update Fixes Openldap Security Bypass and PHP Code Execution
05.10.2006 : Redhat Security Update Fixes PHP "ecalloc()" Integer Overflow Vulnerability
05.10.2006 : Mandriva Security Update Fixes PHP "ecalloc()" Integer Overflow Vulnerability
05.10.2006 : phpMyTeam "smileys_dir" Parameter Remote PHP File Inclusion Vulnerability
05.10.2006 : PHP Classifieds "catid_search" and "catid" Remote SQL Injection Vulnerabilities
05.10.2006 : Dimension of phpBB "phpbb_root_path" Remote PHP File Inclusion Vulnerabilities
05.10.2006 : PHP "ecalloc()" Function Data Handling Remote Integer Overflow Vulnerability
05.10.2006 : Mambo "passwd" Variable SQL Injection and Authentication Bypass Vulnerability
04.10.2006 : PHP "symlink()" and "session_save_path" Local Restrictions Bypass Vulnerabilities
03.10.2006 : IMCE Module for Drupal Arbitrary File Deletion and Script Upload Vulnerabilities
03.10.2006 : BBaCE "phpbb_root_path" Parameter Remote PHP File Inclusion Vulnerability
03.10.2006 : Minerva "phpbb_root_path" Parameter Remote PHP File Inclusion Vulnerability
29.09.2006 : PHProjekt Multiple Parameter Handling Remote PHP File Inclusion Vulnerabilities
29.09.2006 : phpBB XS "phpbb_root_path" Parameter Remote PHP File Inclusion Vulnerability
28.09.2006 : Comdev News Publisher "path[docroot]" Parameter PHP File Inclusion Vulnerability
28.09.2006 : Comdev Links Directory "path[docroot]" Parameter PHP File Inclusion Vulnerability
28.09.2006 : Comdev Photo Gallery "path[docroot]" Parameter PHP File Inclusion Vulnerability
27.09.2006 : WEB//NEWS "WN_BASEDIR" Parameter Remote PHP File Inclusion Vulnerability
27.09.2006 : PHP Invoice "alert" and "msg" Parameters Cross Site Scripting Vulnerabilities
26.09.2006 : IM Portal "phpbb_root_path" Parameter Remote PHP File Inclusion Vulnerability
26.09.2006 : BrudaNews and BrudaGB "o" Parameter Remote PHP File Inclusion Vulnerability
26.09.2006 : PBLang "temppath" Parameter Handling Remote PHP File Inclusion Vulnerability
25.09.2006 : e-Vision CMS Remote SQL Injection and Arbitrary PHP File Upload Vulnerabilities
25.09.2006 : syntaxCMS "init_path" Variable Handling Remote PHP File Inclusion Vulnerability
21.09.2006 : Php Blue Dragon CMS Multiple Remote File Inclusion and SQL Injection Issues
21.09.2006 : Redhat Security Update Fixes PHP Functions Multiple Buffer Overflow Issues
21.09.2006 : SuSE Security Update Fixes PHP Safe Mode Bypass and Buffer Overflow Issues
20.09.2006 : BCWB "root_path" Parameter Handling Remote PHP File Inclusion Vulnerability
19.09.2006 : PHPQuiz Remote SQL Query Injection and Arbitrary PHP File Upload Vulnerabilities
18.09.2006 : PNphpBB "phpbb_root_path" Parameter Remote PHP File Inclusion Vulnerability
18.09.2006 : Limbo Multiple Parameter Remote File Inclusion and Code Injection Vulnerabilities
18.09.2006 : aeDating "dir[inc]" Parameter Handling Remote PHP File Inclusion Vulnerabilities
18.09.2006 : ReviewPost PHP Pro "RP_PATH" Parameter Remote File Inclusion Vulnerabilities
18.09.2006 : Unak-CMS "dirroot" Parameter Handling Remote PHP File Inclusion Vulnerabilities
18.09.2006 : MobilePublisherPHP "abspath" Parameter Handling File Inclusion Vulnerability
18.09.2006 : phpBB XS "phpbb_root_path" Parameter Remote PHP File Inclusion Vulnerability
15.09.2006 : PHPDocWriter "script" Parameter Handling Remote File Inclusion Vulnerability
15.09.2006 : TeamCal "tc_config[app_root]" Parameter Remote PHP File Inclusion Vulnerability
14.09.2006 : Serverstat for Mambo "mosConfig_absolute_path" PHP File Inclusion Vulnerability
14.09.2006 : Tagger LE HTTP Requests Handling Remote PHP Code Injection Vulnerabilities
13.09.2006 : Vmist Downstat "art" Parameter Handling Remote PHP File Inclusion Vulnerabilities
13.09.2006 : p4CMS "abs_pfad" Parameter Handling Remote PHP File Inclusion Vulnerability
12.09.2006 : phpBB XS "phpbb_root_path" Parameter Handling PHP File Inclusion Vulnerability
12.09.2006 : PayProCart Multiple Parameter Handling Remote PHP File Inclusion Vulnerabilities
11.09.2006 : Vivvo Article Management CMS SQL Injection and PHP File Inclusion Vulnerabilities
11.09.2006 : Timesheet PHP "username" Variable Handling Remote SQL Injection Vulnerability
08.09.2006 : DokuWiki "TARGET_FN" Directory Traversal and Code Execution Vulnerability
08.09.2006 : Somery "skindir" Parameter Handling Remote PHP File Inclusion Vulnerability
08.09.2006 : Ubuntu Security Update Fixes PHP Safe Mode Bypass and Buffer Overflow Issues
08.09.2006 : Mandriva Security Update Fixes PHP Safe Mode Bypass and Buffer Overflow Issues
07.09.2006 : BinGoPHP News "bnrep" Parameter Handling Multiple File Inclusion Vulnerabilities
07.09.2006 : phpFullAnnu "repmod" Parameter Handling Remote PHP File Inclusion Vulnerability
