| CVE-2007-6396 (Flat PHP Board) |
| Direct static code injection vulnerability in index.php in Flat PHP Board 1.2 and earlier allows remote attackers to inject arbitrary PHP code via the (1) username, (2) password, and (3) ... |
|
| Cve-2007-5900 (php) |
| PHP before 5.2.5 allows local users to bypass protection mechanisms configured through php_admin_value or php_admin_flag in httpd.conf by using ini_set to modify arbitrary configuration variables, a different issue than CVE-2006-4625. ... |
|
| CVE-2007-6323 (MMS Gallery PHP) |
| Multiple directory traversal vulnerabilities in MMS Gallery PHP 1.0 allow remote attackers to read arbitrary files via a .. (dot dot) in the id parameter to (1) get_image.php or (2) ... |
|
| CVE-2007-5983 (AutoIndex PHP Script) |
| Cross-site scripting (XSS) vulnerability in index.php in Justin Hagstrom AutoIndex PHP Script before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF). More... (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5 |
|
