Vulnerabilities > Aroundme > Aroundme > 0.5.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-12-10 | CVE-2009-4264 | Code Injection vulnerability in multiple products PHP remote file inclusion vulnerability in components/core/connect.php in AROUNDMe 1.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the language_path parameter. | 6.8 |
2006-10-18 | CVE-2006-5401 | Remote File Include vulnerability in Aroundme 0.5.1 PHP remote file inclusion vulnerability in template/barnraiser_01/p_new_password.tpl.php in AROUNDMe 0.5.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the templatePath parameter. | 7.5 |