Search Results (6957 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-5140 1 Integramod 1 Nederland 2026-04-23 N/A
PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in IntegraMOD Nederland 1.4.2 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2009-3306 1 Richrumble 1 Clearsite 2026-04-23 N/A
PHP remote file inclusion vulnerability in include/header.php in ClearSite 4.50 allows remote attackers to execute arbitrary PHP code via a URL in the cs_base_path parameter.
CVE-2009-3307 1 Frank Lichtenheld 1 Fsphp 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in FSphp 0.2.1 allow remote attackers to execute arbitrary PHP code via a URL in the FSPHP_LIB parameter to (1) FSphp.php, (2) navigation.php, and (3) pathwrite.php in lib/.
CVE-2009-3312 1 Tomex 1 Phppollscript 2026-04-23 N/A
PHP remote file inclusion vulnerability in php/init.poll.php in phpPollScript 1.3 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a crafted URL in the include_class parameter.
CVE-2009-3317 1 Thecodeweasel 1 Opensiteadmin 2026-04-23 N/A
PHP remote file inclusion vulnerability in pages/pageHeader.php in OpenSiteAdmin 0.9.7 BETA allows remote attackers to execute arbitrary PHP code via a URL in the path parameter, a different vector than CVE-2008-0648.
CVE-2009-3323 1 Robig 1 Barosmini 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in BAnner ROtation System mini (BAROSmini) 0.32.595 allow remote attackers to execute arbitrary PHP code via a URL in the baros_path parameter to (1) include/common_functions.php, and the main_path parameter to (2) lib_users.php, (3) lib_stats.php, and (4) lib_slots.php in include/lib/.
CVE-2009-3324 1 Andres G Aragoneses 1 Prodler 2026-04-23 N/A
PHP remote file inclusion vulnerability in include/prodler.class.php in ProdLer 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sPath parameter.
CVE-2009-3331 1 Ddlcms 1 Ddl Cms 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in DDL CMS 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the wwwRoot parameter to (1) header.php, (2) submit.php, (3) submitted.php, and (4) autosubmitter/index.php.
CVE-2009-3333 2 Alibasta, Mambo 2 Com Koesubmit, Mambo 2026-04-23 N/A
PHP remote file inclusion vulnerability in koesubmit.php in the koeSubmit (com_koesubmit) component 1.0 for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2009-3362 1 Sznews 1 Sznews 2026-04-23 N/A
PHP remote file inclusion vulnerability in printnews.php3 in SZNews 2.7 allows remote attackers to execute arbitrary PHP code via a URL in the id parameter.
CVE-2009-3365 1 Traza 1 Aurora 2026-04-23 N/A
PHP remote file inclusion vulnerability in add-ons/modules/sysmanager/plugins/install.plugin.php in Aurora CMS 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the AURORA_MODULES_FOLDER parameter.
CVE-2009-4210 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2026-04-23 N/A
The Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted media content.
CVE-2009-4220 1 Raphael Mazoyer 1 Pointcomma 2026-04-23 N/A
PHP remote file inclusion vulnerability in includes/classes/pctemplate.php in PointComma 3.8b2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pcConfig[smartyPath] parameter.
CVE-2009-4223 1 Gianni Tommasi 1 Kr-php Web Content Server 2026-04-23 N/A
PHP remote file inclusion vulnerability in adm/krgourl.php in KR-Web 1.1b2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.
CVE-2009-4264 2 Aroundme, Barnraiser 2 Aroundme, Aroundme 2026-04-23 N/A
PHP remote file inclusion vulnerability in components/core/connect.php in AROUNDMe 1.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the language_path parameter.
CVE-2007-5139 1 Chupix 1 Chupix Cms 2026-04-23 N/A
PHP remote file inclusion vulnerability in admin/include/header.php in chupix 0.2.3, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the repertoire parameter.
CVE-2009-4311 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2026-04-23 N/A
Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Paul Byrne of NGS Software. NOTE: this might overlap CVE-2008-3615.
CVE-2009-4312 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2026-04-23 N/A
Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Dave Lenoe of Adobe.
CVE-2009-4319 1 Eocms 1 Eocms 2026-04-23 N/A
PHP remote file inclusion vulnerability in js/bbcodepress/bbcode-form.php in eoCMS 0.9.03 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the BBCODE_path parameter.
CVE-2009-4431 2 Anything-digital, Joomla 2 Com Jcalpro, Joomla\! 2026-04-23 N/A
PHP remote file inclusion vulnerability in cal_popup.php in the Anything Digital Development JCal Pro (aka com_jcalpro or JCP) component 1.5.3.6 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.