Total
3676 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1410 | 1 Isoca | 1 Cedric Email Reader | 2024-11-20 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in email.php (aka email.php3) in Cedric Email Reader 0.2 and 0.3 allows remote attackers to execute arbitrary PHP code via the cer_skin parameter. | |||||
| CVE-2003-1406 | 1 Adalis Infomatique | 1 D Forum | 2024-11-20 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in D-Forum 1.00 through 1.11 allows remote attackers to execute arbitrary PHP code via a URL in the (1) my_header parameter to header.php3 or (2) my_footer parameter to footer.php3. | |||||
| CVE-2003-1385 | 1 Invision Power Services | 1 Invision Power Board | 2024-11-20 | 6.8 MEDIUM | N/A |
| ipchat.php in Invision Power Board 1.1.1 allows remote attackers to execute arbitrary PHP code, if register_globals is enabled, by modifying the root_path parameter to reference a URL on a remote web server that contains the code. | |||||
| CVE-2003-1253 | 1 Sangwan Kim | 1 Bookmark4u | 2024-11-20 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in Bookmark4U 1.8.3 allows remote attackers to execute arbitrary PHP code viaa URL in the prefix parameter to (1) dbase.php, (2) config.php, or (3) common.load.php. | |||||
| CVE-2003-1240 | 1 Cutephp | 1 Cutenews | 2024-11-20 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in CuteNews 0.88 allows remote attackers to execute arbitrary PHP code via a URL in the cutepath parameter in (1) shownews.php, (2) search.php, or (3) comments.php. | |||||
| CVE-2003-1227 | 1 Gallery Project | 1 Gallery | 2024-11-20 | 7.5 HIGH | N/A |
| PHP remote file include vulnerability in index.php for Gallery 1.4 and 1.4-pl1, when running on Windows or in Configuration mode on Unix, allows remote attackers to inject arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter, a different vulnerability than CVE-2002-1412. NOTE: this issue might be exploitable only during installation, or if the administrator has not run a security script after installation. | |||||
| CVE-2003-0498 | 1 Intersystems | 1 Cache Database | 2024-11-20 | 7.2 HIGH | N/A |
| Caché Database 5.x installs the /cachesys/csp directory with insecure permissions, which allows local users to execute arbitrary code by adding server-side scripts that are executed with root privileges. | |||||
| CVE-2003-0395 | 1 Myupb | 1 Ultimate Php Board | 2024-11-20 | 7.5 HIGH | N/A |
| Ultimate PHP Board (UPB) 1.9 allows remote attackers to execute arbitrary PHP code with UPB administrator privileges via an HTTP request containing the code in the User-Agent header, which is executed when the administrator executes admin_iplog.php. | |||||
| CVE-2002-2319 | 1 Mysimplenews | 1 Mysimplenews | 2024-11-20 | 7.5 HIGH | N/A |
| Static code injection vulnerability in users.php in MySimpleNews allows remote attackers to inject arbitrary PHP code and HTML via the (1) LOGIN, (2) DATA, and (3) MESS parameters, which are inserted into news.php3. | |||||
| CVE-2002-2299 | 1 Atthat.com | 1 Thatware | 2024-11-20 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in thatfile.php in Thatware 0.3 through 0.5.2 allows remote attackers to execute arbitrary PHP code via the root_path parameter. | |||||
| CVE-2002-2298 | 1 Atthat.com | 1 Thatware | 2024-11-20 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in config.php in Thatware 0.3 through 0.5.3 allows remote attackers to execute arbitrary PHP code via the root_path parameter. | |||||
| CVE-2002-2297 | 1 Atthat.com | 1 Thatware | 2024-11-20 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in artlist.php in Thatware 0.5.2 and 0.5.3 allows remote attackers to execute arbitrary PHP code via the root_path parameter. | |||||
| CVE-2002-2287 | 1 Phpbb | 1 Advanced Quick Reply Hack | 2024-11-20 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in quick_reply.php for phpBB Advanced Quick Reply Hack 1.0.0 and 1.1.0 allows remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter. | |||||
| CVE-2002-2249 | 1 Php Evolution | 1 News Evolution | 2024-11-20 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in News Evolution 2.0 allows remote attackers to execute arbitrary PHP commands via the neurl parameter to (1) backend.php, (2) screen.php, or (3) admin/modules/comment.php. | |||||
| CVE-2002-2019 | 1 Oscommerce | 1 Oscommerce | 2024-11-20 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in include_once.php in osCommerce (a.k.a. Exchange Project) 2.1 allows remote attackers to execute arbitrary PHP code via the include_file parameter. | |||||
| CVE-2002-1991 | 1 Oscommerce | 1 Oscommerce | 2024-11-20 | 7.5 HIGH | N/A |
| PHP file inclusion vulnerability in osCommerce 2.1 execute arbitrary commands via the include_file parameter to include_once.php. | |||||
| CVE-2002-1753 | 1 Cgiscript | 1 Csnews Professional | 2024-11-20 | 7.5 HIGH | N/A |
| csNewsPro.cgi in CGIScript.net csNews Professional (csNewsPro) allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function. | |||||
| CVE-2002-1752 | 1 Cgiscript | 1 Cschat-r-box | 2024-11-20 | 7.5 HIGH | N/A |
| csChatRBox.cgi in CGIScript.net csChat-R-Box allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function. | |||||
| CVE-2002-1750 | 1 Cgiscript | 1 Csguestbook | 2024-11-20 | 7.5 HIGH | N/A |
| csGuestbook.cgi in CGISCRIPT.NET csGuestbook 1.0 allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function. | |||||
| CVE-2002-0495 | 1 Cgiscript | 1 Cssearch Professional | 2024-11-20 | 10.0 HIGH | N/A |
| csSearch.cgi in csSearch 2.3 and earlier allows remote attackers to execute arbitrary Perl code via the savesetup command and the setup parameter, which overwrites the setup.cgi configuration file that is loaded by csSearch.cgi. | |||||