An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. This request contains a maliciously crafted URL in the 'skin' parameter which can be used to include a malicious file from a remote server.
A vulnerability in Jinzora <= 2.1 allows remote attackers to execute arbitrary code via a URL in the include_path parameter to media.php.
PHPLibrary version 1.5.3 is vulnerable to a Remote File Inclusion vulnerability. An attacker can exploit this vulnerability by sending a malicious URL to the vulnerable application. The malicious URL contains a malicious file which is then included and executed by the vulnerable application.
Claroline is vulnerable to a remote file inclusion vulnerability due to a lack of proper sanitization of user-supplied input to the 'includePath' parameter of the 'import.lib.php' script. An attacker can exploit this vulnerability to execute arbitrary PHP code on the vulnerable system.
Exhibit Engine 1.5 RC 4 is vulnerable to a remote file include vulnerability. An attacker can exploit this vulnerability to execute arbitrary code on the vulnerable system.
Input passed to the "$calpath" parameter in update.php is not properly verified before being used. This can be exploited to execute arbitrary PHP code by including files from local or externa resources.
A vulnerability in Album Photo Sans Nom v1.6 allows an attacker to include arbitrary files via the 'img' parameter in the 'getimg.php' script. This can be exploited to disclose the source code of the vulnerable script by passing the path to the 'config.inc.php' file.
This exploit allows an attacker to inject malicious code into the access.log file of the phpMyAgenda application. This code can then be used to execute arbitrary commands on the vulnerable system.
Flatnuke 2.5.8 is vulnerable to an arbitrary local inclusion/delete all users exploit. This exploit allows an attacker to delete all users from the Flatnuke 2.5.8 application. The exploit works regardless of php.ini settings.
docmint <= 2.0 is vulnerable to a remote file inclusion vulnerability. This vulnerability allows an attacker to include a remote file, usually through a maliciously constructed URL. This can allow an attacker to execute arbitrary code on the server.
Services By CQR