A remote file include vulnerability exists in PHPBB RPG Events 1.0.0. An attacker can exploit this vulnerability to execute arbitrary code on the vulnerable system. This can be exploited by sending a specially crafted HTTP request containing a malicious URL in the 'phpbb_root_path' parameter to the vulnerable script.
SpamOborona PHPBB Plugin is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary PHP code in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.
A vulnerability in phpBB lat2cyr 1.0.1 allows remote attackers to execute arbitrary code by including a URL in the lang_iso parameter to lat2cyr.php.
This exploit allows an attacker to execute arbitrary code on the vulnerable server by including a remote file through a vulnerable PHP page. The vulnerability exists due to insufficient sanitization of user-supplied input to the 'news_defilante_horizontale_FR_v4.1.1_path' parameter in 'news_defilante_horizontale_FR_v4.1.1.php' script.
A local denial of service vulnerability exists in FreeBSD due to a lack of proper validation of user-supplied input when setting a scheduler policy. An attacker can exploit this vulnerability by running a specially crafted program that sets a scheduler policy, resulting in a denial of service condition.
A local denial of service vulnerability exists in FreeBSD due to an incorrect handling of ftruncate() requests for non-VREG, VDIR and shared memory objects. An attacker can exploit this vulnerability by creating a FIFO file and then calling ftruncate() on it with a large size argument, resulting in a system crash.
Variable $topdir not sanitized.When register_globals=on an attacker can exploit this vulnerability with a simple php injection script.
A remote file include vulnerability exists in phpBB PlusXL 2.X biuld 272. An attacker can exploit this vulnerability to execute arbitrary code on the vulnerable system. The vulnerability is due to the 'includes/functions.php' script not properly sanitizing user-supplied input to the 'phpbb_root_path' parameter. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request containing a URL in the 'phpbb_root_path' parameter.
A remote file include vulnerability exists in maluinfo 206.2.38 ( brazilian PHPBB ) which allows an attacker to execute arbitrary code on the vulnerable system. This is due to the application failing to properly sanitize user-supplied input before using it in an include() call. An attacker can exploit this vulnerability to execute arbitrary code on the vulnerable system.
Open Conference Systems version 1.1.3 and prior are vulnerable to a remote file inclusion vulnerability. This vulnerability is due to the application failing to properly sanitize user-supplied input to the 'fullpath' parameter of the 'theme.inc.php' and 'footer.inc.php' scripts. An attacker can exploit this vulnerability to execute arbitrary PHP code on the vulnerable system with the privileges of the webserver process.
Services By CQR