CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 3CVE-2006-3676
https://notcve.org/view.php?id=CVE-2006-3676
21 Jul 2006 — admin/gallery_admin.php in planetGallery before 14.07.2006 allows remote attackers to execute arbitrary PHP code by uploading files with a double extension and directly accessing the file in the images directory, which bypasses a regular expression check for safe file types. admin/gallery_admin.php en planetGallery anterior a 14.07.2006 permite a atacantes remotos ejecutar código PHP de su elección a través de la actualización de archivos con una doble extensión y accedidos directamente en el directorio de ... • http://archives.neohapsis.com/archives/fulldisclosure/2006-07/0434.html •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 1CVE-2006-3553
https://notcve.org/view.php?id=CVE-2006-3553
13 Jul 2006 — PlaNet Concept planetNews allows remote attackers to bypass authentication and execute arbitrary code via a direct request to news/admin/planetnews.php. PlaNet Concept planetNews permite a atacantes remotos evitar la autenticació y ejecutar código de su elección medainte una petición directa de news/admin/planetnews.php. • http://securityreason.com/securityalert/1222 •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2006-2338
https://notcve.org/view.php?id=CVE-2006-2338
12 May 2006 — PlaNet Concept plaNetStat 20050127 allows remote attackers to gain administrative privileges, and view and configure log files, via a direct request to the (1) admin.php or (2) settings.php page. • http://securityreason.com/securityalert/874 •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 2CVE-2006-2116 – PlanetGallery - 'Gallery_admin.php' Authentication Bypass
https://notcve.org/view.php?id=CVE-2006-2116
01 May 2006 — planetGallery allows remote attackers to gain administrator privileges via a direct request to admin/gallery_admin.php. • https://www.exploit-db.com/exploits/27784 •
CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 2CVE-2006-1801 – PlanetSearch + - 'Planetsearchplus.php' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2006-1801
18 Apr 2006 — Cross-site scripting (XSS) vulnerability in planetsearchplus.php in planetSearch+ allows remote attackers to inject arbitrary web script or HTML via the search_exp parameter. • https://www.exploit-db.com/exploits/27644 •