• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

NVD-CWE-Other

CVE-2007-2096

February 26, 2023 by

PHP remote file inclusion vulnerability in common.php in Hinton Design PHPHD Download System (phphd_downloads) allows remote attackers to execute arbitrary PHP code via a URL in the phphd_real_path parameter. NOTE: this issue may be present in versions from 2006.

CVE-2007-2097

February 26, 2023 by

** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in OpenConcept Back-End CMS 0.4.7 allow remote attackers to execute arbitrary PHP code via a URL in the includes_path parameter to (1) click.php or (2) pollcollector.php in htdocs/; or (3) index.php, (4) articlepages.php, (5) articles.php, (6) articleform.php, (7) articlesections.php, (8) createArticlesPage.php, (9) guestbook.php, (10) helpguide.php, (11) helpguideeditor.php, (12) links.php, (13) upload.php, (14) sitestatistics.php, (15) nav.php, (16) tpl_upload.php, (17) linksections, or (18) pophelp.php in htdocs/site-admin/; different vectors than CVE-2006-5076. NOTE: this issue is disputed by a third party, who states that $includes_path is defined before use.

CVE-2007-2018

February 26, 2023 by

SQL injection vulnerability in msg.php in AlstraSoft Video Share Enterprise allows remote authenticated users to execute arbitrary SQL commands via the id parameter.

CVE-2007-2019

February 26, 2023 by

PHP remote file inclusion vulnerability in init.gallery.php in phpGalleryScript 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the include_class parameter.

CVE-2007-2020

February 26, 2023 by

** DISPUTED ** Unspecified vulnerability in administration.php in xodagallery allows remote attackers to execute arbitrary code via the cmd parameter. NOTE: CVE disputes this vulnerability because administration.php does not use the cmd parameter for inclusion.

CVE-2007-2021

February 26, 2023 by

Multiple PHP remote file inclusion vulnerabilities in Pineapple Technologies Lore 1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) lang_path parameter to third_party/phpmailer/class.phpmailer.php or the (2) get_plugin_file_path parameter to third_party/smarty/libs/plugins/function.html_checkboxes.php. NOTE: the affected files might be from other software packages, so this might not be a vulnerability in Lore itself. NOTE: (1) might be the same issue as CVE-2006-5734.4.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 358
  • Go to page 359
  • Go to page 360
  • Go to page 361
  • Go to page 362
  • Interim pages omitted …
  • Go to page 940
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE