config basedir software vulnerabilities
vulnerabilities.aspcode.net
Searching config basedir software vulnerabilities
PHP remote file inclusion vulnerability in publ
publish_xp_docsphp
|
vulnerability
|
inclusion
|
Gallery
|
remote
|
file
|
PHP
|
PHP remote file inclusion vulnerability in publish_xp_docs.php for Gallery 1.3.2 allows remote attackers to inject arbitrary PHP code by specifying a URL to an init.php file in the GALLERY_BASEDIR parameter.
publish_xp_docs.php in Gallery 1.3.2 allows rem
publish_xp_docsphp
|
Gallery
|
publish_xp_docs.php in Gallery 1.3.2 allows remote attackers to execute arbitrary PHP code by modifying the GALLERY_BASEDIR parameter to reference a URL on a remote web server that contains the code.
PHP 4.0 with cURL functions allows remote attac
open_basedir
|
attackers
|
functions
|
arbitrary
|
setting
|
bypass
|
allows
|
remote
|
files
|
read
|
cURL
|
via
|
PHP
|
PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function.
PHP remote file inclusion vulnerability in apa_
apa_phpincludeincphp
|
vulnerability
|
inclusion
|
Atomic
|
remote
|
Photo
|
Album
|
file
|
PHP
|
PHP remote file inclusion vulnerability in apa_phpinclude.inc.php in Atomic Photo Album (APA) allows remote attackers to execute arbitrary PHP code via the apa_module_basedir parameter.
Multiple vulnerabilities in PHP before 4.4.1 al
vulnerabilities
|
Multiple
|
before
|
PHP
|
Multiple vulnerabilities in PHP before 4.4.1 allow remote attackers to bypass safe_mode and open_basedir restrictions via unknown attack vectors in (1) ext/curl and (2) ext/gd.
Unspecified vulnerability in PHP before 4.4.1,
vulnerability
|
Unspecified
|
before
|
PHP
|
Unspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows remote attackers to bypass safe_mode and open_basedir directives.
config/config_inc.php in iGENUS Webmail 2.02 an
config/config_incphp
|
Webmail
|
iGENUS
|
config/config_inc.php in iGENUS Webmail 2.02 and earlier allows remote attackers to include arbitrary local files via the SG_HOME parameter.
Directory traversal vulnerability in file.c in
vulnerability
|
Directory
|
traversal
|
filec
|
PHP
|
Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass open_basedir restrictions allows remote attackers to create files in arbitrary directories via the tempnam function.
cPanel does not automatically synchronize the P
automatically
|
configuration
|
restrictions
|
open_basedir
|
directories
|
synchronize
|
directive
|
physical
|
virtual
|
between
|
bypass
|
access
|
cPanel
|
server
|
script
|
allow
|
other
|
local
|
might
|
hosts
|
share
|
which
|
uses
|
does
|
user
|
main
|
URL
|
PHP
|
not
|
via
|
cPanel does not automatically synchronize the PHP open_basedir configuration directive between the main server and virtual hosts that share physical directories, which might allow a local user to bypass open_basedir restrictions and access other virtual hosts via a PHP script that uses a main server URL (such as ~username) that is blocked by the user's own open_basedir directive, but not the main server's open_basedir directive.
PHP remote file inclusion vulnerability in clas
classes/queryclassphp
|
vulnerability
|
dotProject
|
inclusion
|
remote
|
file
|
PHP
|
PHP remote file inclusion vulnerability in classes/query.class.php in dotProject 2.0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter.
PHP remote file inclusion vulnerability in incl
includes/pear/Net/DNS/RRphp
|
vulnerability
|
inclusion
|
ProgSys
|
remote
|
file
|
PHP
|
PHP remote file inclusion vulnerability in includes/pear/Net/DNS/RR.php in ProgSys 0.151 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpdns_basedir parameter.
PHP remote file inclusion vulnerability in pars
parse/parserphp
|
vulnerability
|
WEB//NEWS
|
inclusion
|
remote
|
file
|
PHP
|
PHP remote file inclusion vulnerability in parse/parser.php in WEB//NEWS (aka webnews) 1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the WN_BASEDIR parameter.
PHP remote file inclusion vulnerability in clas
classes/Import_MMclassphp
|
vulnerability
|
PHPRecipeBook
|
inclusion
|
remote
|
file
|
PHP
|
PHP remote file inclusion vulnerability in classes/Import_MM.class.php in PHPRecipeBook 2.36, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the g_rb_basedir parameter.
PHP remote file inclusion vulnerability in DNS/
vulnerability
|
inclusion
|
DNS/RRphp
|
Net_DNS
|
remote
|
file
|
PHP
|
PHP remote file inclusion vulnerability in DNS/RR.php in Net_DNS 0.03 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpdns_basedir parameter.
PHP remote file inclusion vulnerability in comm
vulnerability
|
commonincphp
|
cm_basedir
|
attackers
|
parameter
|
arbitrary
|
inclusion
|
a-ConMan
|
execute
|
remote
|
allows
|
code
|
beta
|
file
|
PHP
|
via
|
URL
|
PHP remote file inclusion vulnerability in common.inc.php in a-ConMan 3.2 beta allows remote attackers to execute arbitrary PHP code via a URL in the cm_basedir parameter.
PHP remote file inclusion vulnerability in exte
external/rssfeedsphp
|
vulnerability
|
Sitestats
|
inclusion
|
remote
|
file
|
PHP
|
BSQ
|
PHP remote file inclusion vulnerability in external/rssfeeds.php in BSQ Sitestats (component for Joomla) 1.8.0, and possibly other versions before 2.2.1, allows remote attackers to execute arbitrary PHP code via the baseDir parameter.
The imap_body function in PHP before 4.4.4 does
imap_body
|
function
|
before
|
PHP
|
The imap_body function in PHP before 4.4.4 does not implement safemode or open_basedir checks, which allows local users to read arbitrary files or list arbitrary directory contents.
PHP before 5.2.1 allows attackers to bypass saf
before
|
PHP
|
PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir restrictions via unspecified vectors in the session extension. NOTE: it is possible that this issue is a duplicate of CVE-2006-6383.
The session extension in PHP before 5.2.4 might
extension
|
session
|
before
|
PHP
|
The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir restrictions via a session file that is a symlink.
Directory traversal vulnerability in PHP before
vulnerability
|
Directory
|
traversal
|
before
|
PHP
|
Directory traversal vulnerability in PHP before 5.2.4 allows attackers to bypass open_basedir restrictions via unspecified vectors involving the glob function.
Software vulnerabilities results 1 to 20 of 225
Page:
1
2
3
4
5
...
12
►