| Field | Value |
|---|---|
| Affected | WORDPRESS : WordPress 2.0 |
| | WORDPRESS : WordPress 2.1 |
| | WEBSPELL : webSPELL 3.01 |
| | CONNECTIX : Connectix Boards 0.7 |
| | DBIMAGEGALLERY : DBImageGallery 1.2 |
| | DBGUESTBOOK : DBGuestBook 1.1 |
| | DZCP : deV!Lz Clanportal 1.4 |
| | ULTIMATEFUNBOARD : Ultimate Fun Book 1.02 |
| | ONLINEWEBBUILDIN : Online Web Building 2.0 |
| | PEANUTKB : Peanut Knowledge Base 0.0 |
| | FLASHGAMESCRIPT : FlashGameScript 1.5 |
| | DESIGN4ONLINE : UserPages2 2.0 |
| CVE | CVE-2007-1255 (Unrestricted file upload vulnerability in admin.bbcode.php in Connectix Boards 0.7 and earlier allows remote authenticated administrators to execute arbitrary PHP code by uploading a crafted GIF smiley image with a .php extension via the uploadimage parameter to admin.php, which can be later accessed via a direct request for the file in smileys/. NOTE: this can be leveraged with a separate SQL injection issue for remote unauthenticated attacks.) |
| | CVE-2007-1254 (SQL injection vulnerability in part.userprofile.php in Connectix Boards 0.7 and earlier allows remote authenticated users to execute arbitrary SQL commands and obtain privileges via the p_skin parameter to index.php.) |
| | CVE-2007-1167 (inc/filebrowser/browser.php in deV!L`z Clanportal (DZCP) 1.4.5 and earlier allows remote attackers to obtain MySQL data via the inc/mysql.php value of the file parameter.) |
| | CVE-2007-1165 (Multiple PHP remote file inclusion vulnerabilities in DBGuestbook 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the dbs_base_path parameter to (1) utils.php, (2) guestbook.php, or (3) views.php in includes/.) |
| | CVE-2007-1164 (Multiple PHP remote file inclusion vulnerabilities in DBImageGallery 1.2.2 allow remote attackers to execute arbitrary PHP code via a URL in the donsimg_base_path parameter to (1) attributes.php, (2) images.php, or (3) scan.php in admin/; or (4) attributes.php, (5) db_utils.php, (6) images.php, (7) utils.php, or (8) values.php in includes/.) |
| | CVE-2007-1147 (PHP remote file inclusion vulnerability in view.php in hbm allows remote attackers to execute arbitrary PHP code via a URL in the hbmpath parameter.) |
| | CVE-2007-1146 (PHP remote file inclusion vulnerability in function.php in arabhost allows remote attackers to execute arbitrary PHP code via a URL in the adminfolder parameter.) |
| | CVE-2007-1078 (PHP remote file inclusion vulnerability in index.php in FlashGameScript 1.5.4 allows remote attackers to execute arbitrary PHP code via a URL in the func parameter.) |
| | CVE-2007-1077 (SQL injection vulnerability in page.asp in Design4Online UserPages2 2.0 allows remote attackers to execute arbitrary SQL commands via the art_id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.) |
| | CVE-2007-1059 (PHP remote file inclusion vulnerability in function.php in Ultimate Fun Book 1.02 allows remote attackers to execute arbitrary PHP code via a URL in the gbpfad parameter. NOTE: some sources mention "Ultimate Fun Board," but this appears to be an error.) |
| | CVE-2007-1058 (SQL injection vulnerability in user_pages/page.asp in Online Web Building 2.0 allows remote attackers to execute arbitrary SQL commands via the art_id parameter.) |
| | CVE-2007-1049 (Cross-site scripting (XSS) vulnerability in the wp_explain_nonce function in the nonce AYS functionality (wp-includes/functions.php) for WordPress 2.0 before 2.0.9 and 2.1 before 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the file parameter to wp-admin/templates.php, and possibly other vectors involving the action variable.) |
| | CVE-2007-1039 (Unspecified vulnerability in Peanut Knowledge Base (PeanutKB) 0.0.3 and earlier has unknown impact and attack vectors.) |