PHP : Remote file inclusion prevention : suspicious root_path parameter found in URL Description   Using a vulnerable script and a specially crafted root_path, or default_path parameter, an attacker could execute arbitrary PHP code on the server.       Default configuration   Profiles High Medium Low Internet Action Block Block Block Block Alarm Level Major Minor Minor Minor       References   URL: http://www.frsirt.com/english/advisories/2006/2078       Available since   ASQ v3.2.0       Protects   Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Adem "p" Arbitrary File Inclusion Vulnerability ClipShare "config_file" Arbitrary File Inclusion Vulnerability Crafty Syntax Live Help "page" Remote File Inclusion Vulnerability WordPress Crayon Syntax Highlighter Plugin "wp_load" Remote File Inclusion Vulnerability WebsitePanel "ReturnUrl" Redirection Weakness WebCalendar "pref_THEME" File Inclusion Vulnerability Mega File Manager File Disclosure and Local File Inclusion Vulnerabilities WordPress Relocate Upload Plugin "abspath" File Inclusion Vulnerability mPDF "filename" Local File Inclusion Vulnerability SourceBans "xajaxargs[]" Two Local File Inclusion Vulnerabilities WordPress BackWPup Plugin "BackWPupJobTemp" File Inclusion Vulnerability POSH Cross-Site Scripting and File Inclusion Vulnerabilities WordPress Eventify Plugin "npath" File Inclusion Vulnerability vtiger CRM Multiple Vulnerabilities ea-gBook "inc_ordner" File Inclusion Vulnerability WordPress Annonces Plugin "abspath" and "mainPluginFile" File Inclusion Vulnerabilities Joomla! JE Quote Form Component "view" File Inclusion Vulnerability WordPress Mailing List Plugin "wpabspath" File Inclusion Vulnerability WordPress WP Easy Stats Plugin "homep" File Inclusion Vulnerability WordPress TheCartPress Plugin "tcp_class_path" File Inclusion Vulnerability WordPress Zingiri Web Shop Plugin "wpabspath" File Inclusion Vulnerabilities WordPress AllWebMenus Plugin "abspath" File Inclusion Vulnerability WordPress Mini Mail Dashboard Widget Plugin Remote File Inclusion Vulnerability WordPress 1 Flash Gallery Plugin Arbitrary File Upload Vulnerability PlaySMS SMS Gateway Multiple File Inclusion Vulnerabilities TYPO3 Code Execution and Multiple Cross Site Scripting Vulnerabilities Piwik Unspecified Paramater Data Renderer Local File Inclusion Visites for Joomla "mosConfig_absolute_path" File Inclusion Vulnerability PHP Chat Module for 123 Flash Chat Local File Inclusion Vulnerability Family Connections Who is Chatting "TMPL[path]" File Inclusion Vulnerability SEF404x (com_sef) for Joomla Remote File Inclusion Vulnerability ARSC Really Simple Chat "arsc_message" Cross Site Scripting Issue Nakid CMS "core[system_path]" Parameter File Inclusion Vulnerability EZPX photoblog "tpl_base_dir" Parameter File Inclusion Vulnerability ardeaCore "pathForArdeaCore" Remote File Inclusion Vulnerability e107 Multiple Remote File Inclusion and Cross Site Scripting Issues Visitor Logger "VL_include_path" Local File Inclusion Vulnerability Groone Contact Form "abspath" Parameter File inclusion Vulnerability Nucleus Plugin NP_Gallery File inclusion and SQL Injection Vulnerabilities Nucleus Plugin NP_Twitter "DIR_PLUGINS" File inclusion Vulnerability 29o3 CMS "LibDir" Parameter Remote File Inclusion Vulnerabilities Waibrasil "conteudo" Parameter Remote File Inclusion Vulnerability Gallo "config[gfwroot]" Parameter Remote File Inclusion Vulnerability OpenMairie openAnnuaire Multiple File Inclusion Vulnerabilities OpenMairie openCimetiere "path_om" File Inclusion Vulnerabilities SoftBB Remote File Inclusion and Cross Site Scripting Vulnerabilities OpenMairie Opencourrier Multiple File Inclusion Vulnerabilities OpenMairie openReglement Multiple File Inclusion Vulnerabilities Redaxo "REX[INCLUDE_PATH]" Remote File Inclusion Vulnerabilities OpenMairie openScrutin Remote and Local File Inclusion Vulnerabilities Fw-BofF "configRootDir" and "configDBchoice" File Inclusion Issues WebMaid CMS Multiple Parameter File Inclusion Vulnerabilities notsoPureEdit "content" Parameter Remote File Inclusion Vulnerability WikyBlog "which" Parameter Cross Site Scripting Vulnerability LightOpen CMS "cwd" Parameter Remote File Inclusion Vulnerability Rezervi "root" Parameter Handling Remote File Inclusion Vulnerability Fedora Security Update Fixes PhpLDAPadmin Local File Inclusion eoCMS "BBCODE_path" Remote File Inclusion Vulnerability Zen Cart "url" Processing Remote File Disclosure Vulnerability Oscailt CMS "obj_id" Parameter Local File Inclusion Vulnerability Basic Analysis and Security Engine Multiple Remote Vulnerabilities Fedora Security Update Fixes Sahana File Disclosure Vulnerability DM Albums for WordPress "delete_album" Directory Traversal Issue TYPO3 Multiple Code Injection and Information Disclosure Vulnerabilities PHPCMS2008 "f" Parameter Arbitrary File Disclosure Vulnerability JD-WordPress for Joomla "mosConfig_absolute_path" Inclusion Issue BookLibrary for Joomla "mosConfig_absolute_path" Inclusion Vulnerability Ajax Chat for Joomla "mosConfig_absolute_path" Inclusion Vulnerability FSphp "FSPHP_LIB" Parameter Remote File Inclusion Vulnerabilities ClearSite "cs_base_path" Parameter Remote File Inclusion Vulnerability phpPollScript "include_class" Remote File Inclusion Vulnerability Aurora CMS "AURORA_MODULES_FOLDER" File Inclusion Vulnerability phpNagios "conf[lang]" Parameter Local File Inclusion Vulnerability OBOphiX "chemin_lib" Parameter Remote File Inclusion Vulnerability PHPope Multiple Parameter Remote File Inclusion Vulnerabilities FreeSchool "CLASSPATH" Parameter File Inclusion Vulnerabilities Datalife Engine "dle_config_api" Parameter File Inclusion Vulnerability Ve-EDIT Two Remote and Local File Inclusion Vulnerabilities Kingcms "CONFIG[AdminPath]" Parameter File Inclusion Vulnerability Agora for Joomla "action" Parameter Local File Inclusion Vulnerability DreamCost Multiple File Inclusion and SQL Injection Vulnerabilities phpSANE "file_save" Parameter Remote File Inclusion Vulnerability TotalCalendar SQL Injection and Local File Inclusion Vulnerabilities Moa Gallery Remote File Inclusion and File Disclosure Vulnerabilities Vtiger CRM Code Execution and Information Disclosure Vulnerabilities Gentoo Security Update Fixes DokuWiki Local File Inclusion Vulnerability OpenNews "username" Parameter Remote SQL Injection Vulnerability Tenrok Command Injection and Information Disclosure Vulnerabilities MyBackup Remote File Inclusion and Disclosure Vulnerabilities In-Portal "env" Parameter Processing Local File Inclusion Vulnerability ShopMaker Remote SQL Injection and Local File Inclusion Vulnerabilities Elgg "js" Parameter Processing Local File Inclusion Vulnerability MAXcms Remote File Inclusion and Disclosure Vulnerabilities Arab Portal "module" Parameter Local File Inclusion Vulnerability QuickDev "file" Parameter Remote File Disclosure Vulnerability ProjectButler "offset" Parameter Remote PHP File Inclusion Vulnerability iWiccle Local File Inclusion and Remote SQL Injection Vulnerabilities RaidenHTTPD "ulang" File Inclusion and Cross Site Scripting Issues Meta Search Engine "url" Remote File Disclosure Vulnerability MiniCWB "LANG" Parameter Remote File Inclusion Vulnerabilities WordPress Multiple Security Bypass and Information Disclosure Issues ADbNewsSender "path_to_lang" Local File Inclusion Vulnerability CMS Chainuk Multiple Code Injection and File Inclusion Vulnerabilities PHP-Sugar "t" Parameter Processing File Disclosure Vulnerability Kasseler CMS File Disclosure and Cross Site Scripting Vulnerabilities Campsite "g_campsiteDir" Remote and Local File Inclusion Vulnerabilities pc4 Uploader "file" Parameter Remote File Disclosure Vulnerability Fedora Security Update Fixes php-ZendFramework Local File Inclusion MooFAQ Component for Joomla "file" Local File Inclusion Vulnerability OCS Inventory NG Server SQL Injection and File Disclosure Vulnerabilities Flyspeck CMS "lang" Parameter Local File Inclusion Vulnerability Harland Multiple Products Remote PHP Code Injection Vulnerability TinyButStrong "script" Parameter File Source Disclosure Vulnerability openWYSIWYG Folder Listing and Image Upload Vulnerabilities Php Recommend PHP Code Execution and Authentication Bypass Issues QuiXplorer "lang" Parameter Handling Local File Inclusion Vulnerability TinyWebGallery "lang" Parameter Local File Inclusion Vulnerability ProjectCMS File Upload and Information Disclosure Vulnerabilities QT-cute QuickTeam "qte_web_path" and "qte_root" File Inclusion Issues vbDrupal Cross Site Scripting and Information Disclosure Vulnerabilities Drupal Exif Module Data Handling Cross Site Scripting Vulnerability Symantec Products Log Viewer Feature Script Injection Vulnerabilities SAP Products cFolders Multiple Cross Site Scripting Vulnerabilities ElkaGroup Image Gallery Arbitrary File Upload Vulnerability MoinMoin "AttachFile.py" File Multiple Cross Site Scripting Vulnerabilities FunGamez SQL Injection and Local File Inclusion Vulnerabilities Flatnux Multiple Local File Inclusion and File Upload Vulnerabilities Studio Lounge Address Book Arbitrary PHP File Upload Vulnerability Multi-lingual E-Commerce System File Inclusion and Security Bypass Novell NetStorage Information Disclosure and DoS Vulnerabilities Apache Geronimo Cross Site Scripting and Directory Traversal Issues Drupal Multiple Module Data Handling Cross Site Scripting Vulnerabilities phpMyAdmin Setup Script Remote PHP Code Injection Vulnerability ContentKeeper Command Injection and Privilege Escalation Vulnerabilities phpMyAdmin HTTP Response Splitting and File Inclusion Vulnerabilities PHPizabi Remote Code Execution and SQL Injection Vulnerabilities Drupal Template File Selection Local File Inclusion Vulnerability Pyrophobia "pid" Parameter Handling Local File Inclusion Vulnerability Free Arcade Script "template" Parameter Local File Inclusion Vulnerability pPIM "id" Parameter Handling Local File Inclusion Vulnerability Blue Utopia "page" Parameter Handling Local File Inclusion Vulnerability Autopost Bot Mod for phpBB "phpbb_root_path" File Inclusion Vulnerability YACS "context[path_to_root]" Remote PHP File Inclusion Vulnerability Potato News "user" Parameter Handling Local File Inclusion Vulnerability Papoo "pfadhier" Parameter Handling Local File Inclusion Vulnerability WebFrame Multiple Parameter Handling File Inclusion Vulnerabilities Yet Another NOCC "lang" Parameter Local File Inclusion Vulnerability SnippetMaster File Inclusion and Cross Site Scripting Vulnerabilities AdaptCMS Remote File Inclusion and Cross Site Scripting Vulnerabilities phpYabs "Azione" Parameter Remote File Inclusion Vulnerability 1024 CMS "page_include" Parameter Remote File Inclusion Vulnerability Syntax Desktop "synTarget" Parameter Local File Inclusion Vulnerability PHPbbBook "l" Parameter Handling Local File Inclusion Vulnerability Horde Products Cross Site Scripting and Local File Inclusion Vulnerabilities Pixie Multiple Parameter Handling Local File Inclusion Vulnerabilities AXIS 70U Network Document Server Information Disclosure Vulnerabilities GNUBoard "g4_path" Parameter Local File Inclusion Vulnerability DMXReady SDK "filename" Remote File Disclosure Vulnerability Technote "shop_this_skin_path" Remote File Inclusion Vulnerability x10 Automatic MP3 Script "web_root" File Inclusion Vulnerabilities XNova "xnova_root_path" Parameter Remote File Inclusion Vulnerability plusPHP Short URL "_pages_dir" Remote File Inlusion Vulnerability PHPauction GPL "include_path" Remote File Inclusion Vulnerabilities Connectix Boards "template_path" Remote File Inclusion Vulnerability ViArt Products "root_folder_path" Parameter File Inclusion Vulnerability DevMass Shopping Cart "kfm_base_path" PHP File Inclusion Vulnerability Carousel Flash Image Gallery for Joomla PHP File Inclusion Vulnerability BackUpWordPress "bkpwp_plugin_path" PHP File Inclusion Vulnerabilities GoSamba "include_path" Parameter Multiple File Inclusion Vulnerabilities Sige "SYS_PATH" Parameter Handling Remote File Inclusion Vulnerability LiveAlbum "livealbum_dir" Parameter Remote File Inclusion Vulnerability IDMOS "site_absolute_path" Variable Remote File Inclusion Vulnerability phpbb-openid "openid_root_path" Remote PHP File Inclusion Vulnerability Mx At A Glance for mxBB "mx_root_path" Remote File Inclusion Vulnerability PhFiTo "SRC_PATH" Parameter Handling Remote File Inclusion Vulnerability IntegraMOD Nederland(s) "phpbb_root_path" PHP File Inclusion Vulnerability WordSmith "_path" Parameter Processing Remote File Inclusion Vulnerability phpBB2 Plus "phpbb_root_path" Remote PHP File Inclusion Vulnerabilities phpFFL "PHPFFL_FILE_ROOT" Parameter PHP File Inclusion Vulnerabilities PHP Object Framework "PHPOF_INCLUDE_PATH" File Inclusion Vulnerability STPHPLib "STPHPLIB_DIR" Parameter Remote File Inclusion Vulnerabilities Weblogicnet "files_dir" Parameter Handling Remote File Inclusion Vulnerabilities FrontAccounting "path_to_root" Parameter Remote File Inclusion Vulnerability Form Processor Pro "base_path" Parameter Processing Cross Site Scripting Issue SupaNav Module for phpBB "phpbb_root_path" Remote File Inclusion Vulnerability FlashBB "phpbb_root_path" Parameter Handling Remote File Inclusion Vulnerability phpTrafficA "pageid" and "lang" SQL Injection and Local File Inclusion Vulnerabilities PHP::HTML "htmlclass_path" Parameter Handling Remote File Inclusion Vulnerability iContent Module for XOOPS "spaw_root" Parameter Remote File Inclusion Vulnerability YAAP "root_path" Parameter Handling Remote PHP File Inclusion Vulnerability cjgExplorerPro "g_pcltar_lib_dir" Parameter Remote PHP File Inclusion Vulnerability LaVague "views_path" Parameter Handling Remote PHP File Inclusion Vulnerability Friendly "friendly_path" Parameter Handling Remote PHP File Inclusion Vulnerabilities PHPtree "s_dir" Parameter Handling Remote PHP File Inclusion Vulnerability phpChess Community Edition "Root_Path" Parameter PHP File Inclusion Vulnerabilities Mx Faq and Rules for mxBB "module_root_path" Remote File Inclusion Vulnerability phpOracleView "page_dir" and "inc_dir" Parameters Remote File Inclusion Vulnerabilities FireFly "doc_root" and "DOCUMENT_ROOT" Parameters File Inclusion Vulnerabilities GPB "theme" and "root_path" Parameters Multiple Remote File Inclusion Vulnerabilities Joomla "g_pcltar_lib_dir" Parameter Handling Remote PHP File Inclusion Vulnerability WEBinsta FM Manager "absolute_path" Parameter Remote File Inclusion Vulnerability NuclearBB "root_path" Parameter Handling Remote PHP File Inclusion Vulnerability Turnkey Web Tools SunShop "abs_path" Parameter Remote File Inclusion Vulnerabilities audioCMS arash "arashlib_dir" Parameter Handling Remote File Inclusion Vulnerabilities Article for Joomla "absolute_path" Parameter Remote PHP File Inclusion Vulnerability WebKalk2 "absolute_path" Parameter Handling Remote PHP File Inclusion Vulnerability Shotcast Module for mxBB "mx_root_path" Parameter Remote File Inclusion Vulnerability Wetter Module for Mambo "absolute_path" Parameter Remote File Inclusion Vulnerability TOSMO/Mambo "absolute_path" Parameter Remote PHP File Inclusion Vulnerabilities Scar4U ScarNews "sn_admin_dir" Parameter Remote PHP File Inclusion Vulnerability Sisplet CMS "site_path" Parameter Handling Remote PHP File Inclusion Vulnerability PHP-Generics "_APP_RELATIVE_PATH" Parameter PHP File Inclusion Vulnerabilities CodeWand phpBrowse "include_path" Parameter Remote File Inclusion Vulnerability Kuato Mutant "phpbb_root_path" Parameter Handling Remote File Inclusion Vulnerability AROUNDMe Multiple Parameter Handling Remote PHP File Inclusion Vulnerabilities Softerra Time-Assistant "inc_dir" and "lib_dir" Parameters File Inclusion Vulnerabilities Forum Picture and Meta Tags for phpBB "phpbb_root_path" File Inclusion Vulnerability Kaqoo Auction "install_root" Parameter Handling Remote File Inclusion Vulnerabilities CodeBB "phpbb_root_path" Parameter Handling Remote PHP File Inclusion Vulnerability MangoBery "Site_Path" Parameter Handling Remote PHP File Inclusion Vulnerabilities Eve-Nuke Forums "phpbb_root_path" Parameter Remote PHP File Inclusion Vulnerability C-Arbre "root_path" Parameter Handling Multiple Remote PHP File Inclusion Vulnerabilities ttCMS "lib_path" Parameter Handling Remote PHP File Inclusion Vulnerability CcMail "functions_dir" Parameter Handling Remote PHP File Inclusion Vulnerability GraFX Company WebSite Builder "INCLUDE_PATH" Remote File Inclusion Vulnerability Radical Designs AMP "base_path" Parameter Remote PHP File Inclusion Vulnerability CARE2X "root_path" Parameter Handling Remote PHP File Inclusion Vulnerabilities Open Educational System Multiple Parameter Remote PHP File Inclusion Vulnerabilities PMB Multiple Parameter Handling Remote File Inclusion and Code Execution Vulnerabilities PhpForums Admin Phorum "include_path" Parameter Remote File Inclusion Vulnerability NoMoKeTo Module for phpBB "phpbb_root_path" Remote File Inclusion Vulnerability Extreme phpBB "phpbb_root_path" Parameter Handling PHP File Inclusion Vulnerability DBGuestbook "dbs_base_path" Parameter Remote PHP File Inclusion Vulnerabilities DBImageGallery "donsimg_base_path" Parameter Remote File Inclusion Vulnerabilities ZebraFeeds "zf_path" Parameter Handling Remote PHP File Inclusion Vulnerabilities TagIt! Tagboard Multiple Parameter Handling Remote PHP File Inclusion Vulnerabilities Seitenschutz Plugin for OPENi-CMS "config[oi_dir]" Remote File Inclusion Vulnerability Site-Assistant "paths[version]" Parameter Handling Remote File Inclusion Vulnerability Maian Recipe "path_to_folder" Parameter Handling Remote File Inclusion Vulnerability WebMatic "P_LIB" and "P_INDEX" Parameters Remote PHP File Inclusion Vulnerabilities MySQLNewsEngine "newsenginedir" Parameter Remote File Inclusion Vulnerability AgerMenu "rootdir" Parameter Handling Remote PHP File Inclusion Vulnerability LightRO CMS "dateien[news]" Parameter Handling Remote File Inclusion Vulnerability SMA-DB "pfad_z" Parameter Handling Remote PHP File Inclusion Vulnerability Flipsource Flip "inc_path" Parameter Handling Remote PHP File Inclusion Vulnerability ezConvert "ezconvert_dir" Parameter Handling Remote PHP File Inclusion Vulnerability Epistemon "inc_path" Parameter Handling Remote PHP File Inclusion Vulnerability Portail Web Php "site_path" Parameter Handling Remote File Inclusion Vulnerability Phpbb Tweaked "phpbb_root_path" Parameter Remote PHP File Inclusion Vulnerability Hailboards "phpbb_root_path" Parameter Remote PHP File Inclusion Vulnerability Omegaboard "phpbb_root_path" Parameter Remote PHP File Inclusion Vulnerability Cerulean Portal System "phpbb_root_path" Parameter Remote File Inclusion Vulnerability EclipseBB "phpbb_root_path" Parameter Handling Remote File Inclusion Vulnerability PhP Generic Library and Framework for Comm "include_path" File Inclusion Vulnerability Drunken:Golem Gaming Portal "root_path" Parameter Remote File Inclusion Vulnerability Xt-Stats "server_base_dir" Parameter Handling Remote PHP File Inclusion Vulnerability MyPHPCommander "gl_root" Parameter Handling Remote File Inclusion Vulnerability AINS "ains_path" Parameter Handling Remote PHP File Inclusion Vulnerability Virtual Path for phpBB "phpbb_root_path" Parameter Remote File Inclusion Vulnerability Inter7 vHostAdmin "MODULES_DIR" Parameter Remote PHP File Inclusion Vulnerability BBClone "BBC_LIB_PATH" Parameter Handling Remote File Inclusion Vulnerability VisoHotlink "mosConfig_absolute_path" Parameter Remote File Inclusion Vulnerability ComVironment "inc_dir" Parameter Handling Remote PHP File Inclusion Vulnerability Bradabra "include_path" Parameter Handling Remote PHP File Inclusion Vulnerability Edit-X ECOMMERCE "include_dir" Parameter Remote PHP File Inclusion Vulnerability NUNE News Script "custom_admin_path" Parameter Remote File Inclusion Vulnerablities Aratix "current_path" Parameter Handling Remote PHP File Inclusion Vulnerability Event Calendar for Limbo CMS "lm_absolute_path" Remote File Inclusion Vulnerability Character Roster for Shadowed Portal "mod_root" Remote File Inclusion Vulnerability PhpbbXtra "phpbb_root_path" Parameter Handling Remote File Inclusion Vulnerability Jinzora "include_path" Parameter Handling Remote PHP File Inclusion Vulnerabilities Inertianews Multiple Parameter Handling Remote PHP File Inclusion Vulnerabilities TextSend Multiple Parameter Remote File Inclusion and Cross Site Scripting Vulnerabilities Web Links Module for mxBB "module_root_path" Remote File Inclusion Vulnerability Charts Module for mxBB "module_root_path" Remote PHP File Inclusion Vulnerability Meeting Module for mxBB "module_root_path" Remote PHP File Inclusion Vulnerability phpMiX Modsdb for mxBB "module_root_path" Remote PHP File Inclusion Vulnerability Knowledge Base for mxBB "module_root_path" Remote PHP File Inclusion Vulnerability Newssuite Module for mxBB "module_root_path" Remote PHP File Inclusion Vulnerability ErrorDocs Module for mxBB "module_root_path" Remote File Inclusion Vulnerability Profile Control Panel for mxBB "module_root_path" Remote File Inclusion Vulnerability Activity Games Module for mxBB "mx_root_path" Variable Remote File Inclusion Vulnerability b2evolution "inc_path" Parameter Handling Remote PHP File Inclusion Vulnerability KDPics Multiple Parameter Handling File Inclusion and Cross Site Scripting Vulnerabilities Profile Control Panel for mxBB "module_root_path" Remote File Inclusion Vulnerability Mx_tinies for mxBB "module_root_path" Parameter Remote File Inclusion Vulnerability OWLLib "OWLLIB_ROOT" Parameter Handling Remote File Inclusion Vulnerability e-Ark "cfg_pear_path" Parameter Handling Remote PHP File Inclusion Vulnerability CalSnails Module for MxBB Portal "module_root_path" File Inclusion Vulnerability MyAlbum "langs_dir" Parameter Handling Remote PHP File Inclusion Vulnerability Advanced Guestbook "include_path" Parameter PHP File Inclusion Vulnerability MODx "base_path" Parameter Handling Remote PHP File Inclusion Vulnerability Drake CMS "d_root" Variable Handling Remote PHP File Inclusion Vulnerabilities MySource Classic "INCLUDE_PATH" Variable Remote File Inclusion Vulnerability Intelimen InteliEditor "sys_path" Parameter Remote PHP File Inclusion Vulnerability RSSonate "PROJECT_ROOT" Parameter Remote File Inclusion Vulnerabilities Virtual Law Office "phpc_root_path" Parameter PHP File Inclusion Vulnerabilities Open Meetings Filing Application "PROJECT_ROOT" File Inclusion Vulnerability Php AMX "plug_path" Parameter Handling Remote File Inclusion Vulnerability IncCMS Core "inc_dir" Parameter Handling Remote PHP File Inclusion Vulnerability phpMyConference "lvc_include_path" Parameter PHP File Inclusion Vulnerability Softerra PHP Developer Library "lib_dir" Variable PHP File Inclusion Vulnerabilities Download-Engine "spaw_root" Parameter Handling PHP File Inclusion Vulnerability phpht Topsites "phpht_real_path" Parameter Handling File Inclusion Vulnerability Leicestershire Community Portals "cp_root_path" PHP File Inclusion Vulnerability Softerra PHPLibrary "lib_dir" Parameter Handling PHP File Inclusion Vulnerabilities phpMyTeam "smileys_dir" Parameter Remote PHP File Inclusion Vulnerability PhpGreetz "PHPGREETZ_INCLUDE_DIR" Parameter File Inclusion Vulnerability phpMyProfiler "pmp_rel_path" Parameter Handling File Inclusion Vulnerability Pie Cart Pro Site Builder "Inc_Dir" Parameter Remote File Inclusion Vulnerabilities paBugs "path_to_bt_dir" Parameter Handling Remote File Inclusion Vulnerability syntaxCMS "init_path" Variable Handling Remote PHP File Inclusion Vulnerability BCWB "root_path" Parameter Handling Remote PHP File Inclusion Vulnerability ReviewPost PHP Pro "RP_PATH" Parameter Remote File Inclusion Vulnerabilities Magic News Pro "script_path" Variable Handling Remote File Inclusion Vulnerability Phpunity.postcard "gallery_path" Parameter Handling File Inclusion Vulnerability Signkorn Guestbook "dir_path" Parameter Handling File Inclusion Vulnerability Socketwiz Bookmarks "root_dir" Parameter Handling File Inclusion Vulnerability Open Bulletin Board "root_path" Parameter Handling File Inclusion Vulnerability photokorn "dir_path" Variable Handling Multiple Remote File Inclusion Vulnerabilities Beautifier "BEAUT_PATH" Parameter Handling Remote File Inclusion Vulnerability phpECard "include_path" Parameter Handling Remote File Inclusion Vulnerabilities Web3news "PHPSECURITYADMIN_PATH" Variable Remote File Inclusion Vulnerability AlberT-EasySite "PSA_PATH" Parameter Handling Remote File Inclusion Vulnerability Content Management Module for PHProjekt "pre_path" Local File Inclusion Vulnerability Empire CMS "check_path" Parameter Handling Remote File Inclusion Vulnerability phpCodeGenie "BEAUT_PATH" Parameter Handling Remote File Inclusion Vulnerability Tutti Nova "TNLIB_DIR" Parameter Handling Multiple Remote File Inclusion Vulnerabilities PHProjekt "path_pre" and "lib_path" Parameters Remote File Inclusion Vulnerabilities WEBInsta CMS "templates_dir" Parameter Handling Remote File Inclusion Vulnerability Webring Component for Joomla "component_dir" Remote PHP File Inclusion Vulnerability Thatware "root_path" Parameter Handling Remote PHP File Inclusion Vulnerability docpile:we "INIT_PATH" Parameter Handling Remote PHP File Inclusion Vulnerability Visual Events Calendar "cfg_dir" Parameter Handling Remote File Inclusion Vulnerability NEWSolved Lite "abs_path" Parameter Handling Remote PHP File Inclusion Vulnerability phpCC "base_dir" Parameter Handling Remote PHP File Inclusion Vulnerability SAPID Shop "root_path" Parameter Handling Remote PHP File Inclusion Vulnerability SAPID Gallery "root_path" Parameter Handling Remote PHP File Inclusion Vulnerability SAPID Blog "root_path" Parameter Handling Remote PHP File Inclusion Vulnerability PHP Live Helper "abs_path" Parameter Handling Remote PHP File Inclusion Vulnerability SAPID CMS "root_path" Parameter Handling Remote PHP File Inclusion Vulnerability PHP Simple Shop "abs_path" Parameter Handling Remote PHP File Inclusion Vulnerability phpCodeCabinet "BEAUT_PATH" Parameter Handling Remote File Inclusion Vulnerability circeOS SaveWeb Portal "SITE_Path" Parameter Remote PHP File Inclusion Vulnerability Knusperleicht Newsletter "NL_PATH" Variable Handling Remote File Inclusion Vulnerability Knusperleicht newsReporter "news_include_path" Parameter PHP File Inclusion Vulnerability Voodoo Chat "file_path" Parameter Handling Remote PHP File Inclusion Vulnerability Knusperleicht Shoutbox "sb_include_path" Parameter Remote File Inclusion Vulnerability Knusperleicht FileManager "dwl_include_path" Parameter Remote File Inclusion Vulnerability MyNewsGroups "myng_root" Parameter Handling Remote PHP File Inclusion Vulnerability PHP Live "css_path" Parameter Handling Remote PHP File Inclusion Vulnerability SiteDepth CMS "SD_DIR" Parameter Handling Remote PHP File Inclusion Vulnerability Mail2Forum Module for phpBB "m2f_root_path" Parameter Remote File Inclusion Vulnerability FlushCMS "class_path" Parameter Handling Remote PHP File Inclusion Vulnerability phpMySms "ROOT_PATH" Parameter Handling Remote File Inclusion Vulnerability BandSite CMS "root_path" Parameter Handling Remote File Inclusion Vulnerability Micro CMS "microcms_path" Variable Handling Remote File Inclusion Vulnerability Flipper Poll "root_path" Parameter Handling Remote File Inclusion Vulnerability AWF CMS "spaw_root" Parameter Handling Remote File Inclusion Vulnerability free QBoard "qb_path" Parameter Handling Remote File Inclusion Vulnerability CMS-Bandits "spaw_root" Parameter Handling Remote File Inclusion Vulnerabilities DreamAccount "da_path" Parameter Handling Remote File Inclusion Vulnerabilities dotWidget CMS "file_path" Parameter Handling Remote File Inclusion Vulnerability DotClear "blog_dc_path" Parameter Handling Remote File Inclusion Vulnerability CS-Cart "classes_dir" Parameter Handling Remote File Inclusion Vulnerability AssoCIateD "root_path" Parameter Handling File Inclusion Vulnerabilities ACID CMS "root_path" Parameter Handling Remote File Inclusion Vulnerabilities Gnopaste "root_path" Parameter Handling Remote File Inclusion Vulnerability METAjour "system_path" Parameter Handling Remote File Inclusion Vulnerabilities Ottoman "default_path" Parameter Handling Remote File Inclusion Vulnerabilities eSyndiCat Directory Software "path_to_config" Local File Inclusion Vulnerability SocketMail "site_path" Parameter Handling Remote File Inclusion Vulnerability phpMyDirectory "ROOT_PATH" Parameter Remote File Inclusion Vulnerability Quezza "quezza_root_path" Variable Handling Remote File Inclusion Vulnerability ezUserManager "ezUserManager_Path" Parameter File Inclusion Vulnerability Squirrelcart "cart_isp_root" Variable Handling Remote File Inclusion Vulnerability pafileDB Module for MxBB Portal "module_root_path" File Inclusion Vulnerability EQdkp "eqdkp_root_path" Variable Handling Remote File Inclusion Vulnerability Jetbox CMS "relative_script_path"Parameter Remote File Inclusion Vulnerability WEBInsta Limbo "classes_dir" Parameter Remote File Inclusion Vulnerability OpenPHPNuke "root_path" Variable Handling Remote File Inclusion Vulnerability dForum "DFORUM_PATH" Variable Handling Remote File Inclusion Vulnerability Built2Go Movie Review "full_path" Parameter Remote File Inclusion Vulnerability I-Rater Platinum "include_path" Parameter Remote File Inclusion Vulnerability TotalCalendar "inc_dir" Parameter Handling Remote File Inclusion Vulnerability PHP Album "data_dir" Parameter Handling PHP File Inclusion Vulnerability phpWebSite "hub_dir" Parameter Handling PHP File Inclusion Vulnerability Monster Top List "root_path" Variable Handling Remote File Inclusion Vulnerability Sphider "settings_dir" Parameter Handling Remote File Inclusion Vulnerability AzDGVote "int_path" Parameter Handling Remote File Inclusion Vulnerabilities Virtual War "vwar_root" Variable Handling Remote File Inclusion Vulnerabilities PHPNuke-Clan "vwar_root" Variable Handling Remote File Inclusion Vulnerability Virtual War "vwar_root" Variable Handling Remote File Inclusion Vulnerability PHP Live Helper "abs_path" Parameter Remote File Inclusion Vulnerabilities iUser Ecommerce "include_path" Parameter File Inclusion Vulnerability Indexu "base_path" Variable Handling Remote File Inclusion Vulnerability AppServ "appserv_root" Remote PHP File Inclusion Vulnerability Athena "athena_dir" Parameter Remote PHP File Inclusion Vulnerability SPiD "lang_path" Remote PHP File Inclusion Vulnerability Jinzora "include_path" Remote PHP File Inclusion Vulnerability WEBInsta Limbo "absolute_path" PHP File Inclusion Vulnerability 100 last CVE   CVE-2012-4867 CVE-2012-4032 CVE-2012-1496 CVE-2012-1205 CVE-2011-4679 CVE-2011-4670 CVE-2011-3981 CVE-2010-2918 CVE-2010-2786 CVE-2010-2681 CVE-2010-2358 CVE-2010-2341 CVE-2010-2314 CVE-2010-2146 CVE-2010-2128 CVE-2010-1944 CVE-2010-1927 CVE-2010-1926 CVE-2010-1922 CVE-2010-1921 CVE-2010-1920 CVE-2010-1737 CVE-2010-1267 CVE-2010-1266 CVE-2010-1216 CVE-2010-0983 CVE-2010-0754 CVE-2009-5095 CVE-2009-4986 CVE-2009-4978 CVE-2009-4977 CVE-2009-4974 CVE-2009-4973 CVE-2009-4726 CVE-2009-4725 CVE-2009-4693 CVE-2009-4627 CVE-2009-4626 CVE-2009-4614 CVE-2009-4591 CVE-2009-4590 CVE-2009-4512 CVE-2009-4472 CVE-2009-4471 CVE-2009-4321 CVE-2009-4319 CVE-2009-3636 CVE-2009-3635 CVE-2009-3634 CVE-2009-3633 CVE-2009-3632 CVE-2009-3631 CVE-2009-3630 CVE-2009-3629 CVE-2009-3628 CVE-2009-3625 CVE-2009-3426 CVE-2009-3425 CVE-2009-3424 CVE-2009-3312 CVE-2009-3307 CVE-2009-3306 CVE-2009-3258 CVE-2009-3257 CVE-2009-3251 CVE-2009-3250 CVE-2009-3249 CVE-2009-3248 CVE-2009-3247 CVE-2009-3217 CVE-2009-3216 CVE-2009-3188 CVE-2009-3174 CVE-2009-3149 CVE-2009-3065 CVE-2009-3064 CVE-2009-3056 CVE-2009-3055 CVE-2009-3053 CVE-2009-2791 CVE-2009-2736 CVE-2009-2735 CVE-2009-2449 CVE-2009-2444 CVE-2009-2432 CVE-2009-2431 CVE-2009-2398 CVE-2009-2336 CVE-2009-2335 CVE-2009-2334 CVE-2009-2333 CVE-2009-2332 CVE-2009-2331 CVE-2009-2330 CVE-2009-2263 CVE-2009-2229 CVE-2009-2228 CVE-2009-2183 CVE-2009-2182 CVE-2009-2181    Risk level  Moderate