Vulnerabilities > Mxbb > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-10-03 | CVE-2007-5178 | Code Injection vulnerability in Mxbb MX Glance 2.3.3 contrib/mx_glance_sdesc.php in the mx_glance 2.3.3 module for mxBB places a critical security check within a comment because of a missing comment delimiter, which allows remote attackers to conduct remote file inclusion attacks and execute arbitrary PHP code via a URL in the mx_root_path parameter. | 6.8 |
| 2006-12-20 | CVE-2006-6650 | Remote File Include vulnerability in MXBB Charts Module Module_Root_Path PHP remote file inclusion vulnerability in charts_constants.php in the Charts (mx_charts) 1.0.0 and earlier module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. network mxbb | 6.8 |
| 2006-12-20 | CVE-2006-6644 | Remote File Include vulnerability in MXBB Meeting Module Module_Root_Path PHP remote file inclusion vulnerability in pages/meeting_constants.php in the Meeting (mx_meeting) 1.1.2 and earlier module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. network mxbb | 6.8 |
| 2006-12-05 | CVE-2006-6295 | Remote File Include vulnerability in Mxbb MX Tinies 1.3.0 PHP remote file inclusion vulnerability in includes/mx_common.php in the mx_tinies 1.3.0 Module for MxBB Portal 1.06 allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. network mxbb | 6.8 |
| 2006-11-22 | CVE-2006-6065 | Remote File Include vulnerability in Mxbb Calsnails Module 1.06 PHP remote file inclusion vulnerability in includes/mx_common.php in the CalSnails Module for MxBB Portal 1.06 allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | 5.1 |