Vulnerabilities > Aroundme > Aroundme
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-12-10 | CVE-2009-4264 | Code Injection vulnerability in multiple products PHP remote file inclusion vulnerability in components/core/connect.php in AROUNDMe 1.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the language_path parameter. | 6.8 |
2006-10-26 | CVE-2006-5533 | Remote Security vulnerability in AROUNDMe Multiple PHP remote file inclusion vulnerabilities in AROUNDMe 0.6.9, and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the templatePath parameter in template/barnraiser_01/pol_view.tpl.php and other unspecified PHP scripts, a different vector than CVE-2006-5401. | 5.1 |
2006-10-18 | CVE-2006-5401 | Remote File Include vulnerability in Aroundme 0.5.1 PHP remote file inclusion vulnerability in template/barnraiser_01/p_new_password.tpl.php in AROUNDMe 0.5.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the templatePath parameter. | 7.5 |