CVSS: 6.8EPSS: 7%CPEs: 1EXPL: 1CVE-2007-5185 – PHP wcms XT 0.0.7 - Multiple Remote File Inclusions
https://notcve.org/view.php?id=CVE-2007-5185
Multiple PHP remote file inclusion vulnerabilities in phpWCMS XT 0.0.7 BETA and earlier allow remote attackers to execute arbitrary PHP code via a URL in the HTML_MENU_DirPath parameter to (1) config_HTML_MENU.php and (2) config_PHPLM.php in phpwcms_template/inc_script/frontend_render/navigation/. Múltiples vulnerabilidades de inclusión remota de archivo en PHP en phpWCMS XT 0.0.7 BETA y anteriores permiten a atacantes remotos ejecutar código PHP de su elección mediante un URL en el parámetro HTML_MENU_DirPath de (1) config_HTML_MENU.php y (2) config_PHPLM.php en phpwcms_template/inc_script/frontend_render/navigation/. • https://www.exploit-db.com/exploits/4477 http://osvdb.org/38591 http://osvdb.org/38592 http://www.securityfocus.com/bid/25879 http://www.vupen.com/english/advisories/2007/3332 https://exchange.xforce.ibmcloud.com/vulnerabilities/36905 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 0CVE-2006-7019
https://notcve.org/view.php?id=CVE-2006-7019
phpwcms 1.2.5-DEV and earlier, and 1.1 before RC4, allows remote attackers to execute arbitrary code via crafted arguments to the (1) text_evento and (2) email_eventonome_evento parameters to phpwcms_code_snippets/mail_file_form.php and sample_ext_php/mail_file_form.php, which is processed by the render_PHPcode function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. phpwcms 1.2.5-DEV y anteriores, y 1.1 anterior a RC4, permite a atacantes remotos ejecutar código de su elección a través de argumentos manipulados en los parámetros (1) text_evento y (2) email_eventonome_evento en phpwcms_code_snippets/mail_file_form.php y sample_ext_php/mail_file_form.php, lo cual es procesado por la función render_PHPcode. NOTA: la procedencia de esta información es desconocida; los detalles han sido obtenidos a partir de la información de terceros. • http://secunia.com/advisories/19866 http://www.phpwcms.de/forum/viewtopic.php?t=10958 http://www.vupen.com/english/advisories/2006/1556 https://exchange.xforce.ibmcloud.com/vulnerabilities/26126 •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 2CVE-2006-6886
https://notcve.org/view.php?id=CVE-2006-6886
phpwcms 1.2.5-DEV allows remote attackers to obtain sensitive information via a direct request for (1) files.public-userroot.inc.php or (2) files.private.additions.inc.php in include/inc_lib/, which reveals the path in various error messages. phpwcms 1.2.5-DEV permite a un atacante remoto obtener información sensible a través de una respuesta directa para (1) files.public-userroot.inc.php o (2) files.private.additions.inc.php en include/inc_lib/, lo cual revela la ruta en varios mensajes de error. • http://archives.neohapsis.com/archives/bugtraq/2006-05/0423.html http://www.kapda.ir/advisory-331.html http://www.osvdb.org/25752 http://www.osvdb.org/25753 http://www.vupen.com/english/advisories/2006/1934 https://exchange.xforce.ibmcloud.com/vulnerabilities/26637 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 2.6EPSS: 2%CPEs: 1EXPL: 1CVE-2006-2519
https://notcve.org/view.php?id=CVE-2006-2519
Directory traversal vulnerability in include/inc_ext/spaw/spaw_control.class.php in phpwcms 1.2.5-DEV allows remote attackers to include arbitrary local files via .. (dot dot) sequences in the spaw_root parameter. NOTE: CVE analysis suggests that this issue is actually in SPAW Editor PHP Edition. • http://secunia.com/advisories/20239 http://securityreason.com/securityalert/939 http://www.kapda.ir/advisory-331.html http://www.osvdb.org/25756 http://www.securityfocus.com/archive/1/434706/100/0/threaded http://www.securityfocus.com/bid/18062 http://www.vupen.com/english/advisories/2006/1934 https://exchange.xforce.ibmcloud.com/vulnerabilities/26639 •
CVSS: 2.6EPSS: 1%CPEs: 1EXPL: 1CVE-2006-2518
https://notcve.org/view.php?id=CVE-2006-2518
Cross-site scripting (XSS) vulnerability in phpwcms 1.2.5-DEV allows remote attackers to inject arbitrary web script or HTML via the BL[be_cnt_plainhtml] parameter to include/inc_tmpl/content/cnt6.inc.php. • http://secunia.com/advisories/20239 http://securityreason.com/securityalert/939 http://www.kapda.ir/advisory-331.html http://www.securityfocus.com/archive/1/434706/100/0/threaded http://www.securityfocus.com/bid/18063 http://www.vupen.com/english/advisories/2006/1934 https://exchange.xforce.ibmcloud.com/vulnerabilities/26638 •