PHP : Remote file inclusion prevention : URL found as parameter Description   Many PHP-based scripts are vulnerable to Remote File Inclusion (RFI). This vulnerability allows attackers to include remote PHP pages on the targeted web server, and therefore execute code. Since many public web servers may use URLs as parameters without being vulnerable to the flaw, this alarm should be customized for internal websites, only if URLs are not supposed to be used as parameters.       Default configuration   Profiles High Medium Low Internet Action Block Pass Pass Pass Alarm Level Minor Minor Ignore Ignore       References         Available since   ASQ v3.2.0       Protects   Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Adem "p" Arbitrary File Inclusion Vulnerability ClipShare "config_file" Arbitrary File Inclusion Vulnerability Crafty Syntax Live Help "page" Remote File Inclusion Vulnerability WordPress Crayon Syntax Highlighter Plugin "wp_load" Remote File Inclusion Vulnerability WebsitePanel "ReturnUrl" Redirection Weakness WebCalendar "pref_THEME" File Inclusion Vulnerability Mega File Manager File Disclosure and Local File Inclusion Vulnerabilities WordPress Relocate Upload Plugin "abspath" File Inclusion Vulnerability mPDF "filename" Local File Inclusion Vulnerability SourceBans "xajaxargs[]" Two Local File Inclusion Vulnerabilities WordPress BackWPup Plugin "BackWPupJobTemp" File Inclusion Vulnerability POSH Cross-Site Scripting and File Inclusion Vulnerabilities WordPress Eventify Plugin "npath" File Inclusion Vulnerability vtiger CRM Multiple Vulnerabilities ea-gBook "inc_ordner" File Inclusion Vulnerability WordPress Annonces Plugin "abspath" and "mainPluginFile" File Inclusion Vulnerabilities Joomla! JE Quote Form Component "view" File Inclusion Vulnerability WordPress Mailing List Plugin "wpabspath" File Inclusion Vulnerability WordPress WP Easy Stats Plugin "homep" File Inclusion Vulnerability WordPress TheCartPress Plugin "tcp_class_path" File Inclusion Vulnerability WordPress Zingiri Web Shop Plugin "wpabspath" File Inclusion Vulnerabilities WordPress AllWebMenus Plugin "abspath" File Inclusion Vulnerability WordPress Mini Mail Dashboard Widget Plugin Remote File Inclusion Vulnerability WordPress 1 Flash Gallery Plugin Arbitrary File Upload Vulnerability PlaySMS SMS Gateway Multiple File Inclusion Vulnerabilities TYPO3 Code Execution and Multiple Cross Site Scripting Vulnerabilities Piwik Unspecified Paramater Data Renderer Local File Inclusion Visites for Joomla "mosConfig_absolute_path" File Inclusion Vulnerability PHP Chat Module for 123 Flash Chat Local File Inclusion Vulnerability Family Connections Who is Chatting "TMPL[path]" File Inclusion Vulnerability SEF404x (com_sef) for Joomla Remote File Inclusion Vulnerability ARSC Really Simple Chat "arsc_message" Cross Site Scripting Issue Nakid CMS "core[system_path]" Parameter File Inclusion Vulnerability EZPX photoblog "tpl_base_dir" Parameter File Inclusion Vulnerability ardeaCore "pathForArdeaCore" Remote File Inclusion Vulnerability e107 Multiple Remote File Inclusion and Cross Site Scripting Issues Visitor Logger "VL_include_path" Local File Inclusion Vulnerability Groone Contact Form "abspath" Parameter File inclusion Vulnerability Nucleus Plugin NP_Gallery File inclusion and SQL Injection Vulnerabilities Nucleus Plugin NP_Twitter "DIR_PLUGINS" File inclusion Vulnerability 29o3 CMS "LibDir" Parameter Remote File Inclusion Vulnerabilities Waibrasil "conteudo" Parameter Remote File Inclusion Vulnerability Gallo "config[gfwroot]" Parameter Remote File Inclusion Vulnerability OpenMairie openAnnuaire Multiple File Inclusion Vulnerabilities OpenMairie openCimetiere "path_om" File Inclusion Vulnerabilities SoftBB Remote File Inclusion and Cross Site Scripting Vulnerabilities OpenMairie Opencourrier Multiple File Inclusion Vulnerabilities OpenMairie openReglement Multiple File Inclusion Vulnerabilities Redaxo "REX[INCLUDE_PATH]" Remote File Inclusion Vulnerabilities OpenMairie openScrutin Remote and Local File Inclusion Vulnerabilities Fw-BofF "configRootDir" and "configDBchoice" File Inclusion Issues WebMaid CMS Multiple Parameter File Inclusion Vulnerabilities notsoPureEdit "content" Parameter Remote File Inclusion Vulnerability WikyBlog "which" Parameter Cross Site Scripting Vulnerability LightOpen CMS "cwd" Parameter Remote File Inclusion Vulnerability Rezervi "root" Parameter Handling Remote File Inclusion Vulnerability Fedora Security Update Fixes PhpLDAPadmin Local File Inclusion eoCMS "BBCODE_path" Remote File Inclusion Vulnerability Zen Cart "url" Processing Remote File Disclosure Vulnerability Oscailt CMS "obj_id" Parameter Local File Inclusion Vulnerability TYPO3 Multiple Code Injection and Information Disclosure Vulnerabilities JD-WordPress for Joomla "mosConfig_absolute_path" Inclusion Issue BookLibrary for Joomla "mosConfig_absolute_path" Inclusion Vulnerability Ajax Chat for Joomla "mosConfig_absolute_path" Inclusion Vulnerability FSphp "FSPHP_LIB" Parameter Remote File Inclusion Vulnerabilities ClearSite "cs_base_path" Parameter Remote File Inclusion Vulnerability phpPollScript "include_class" Remote File Inclusion Vulnerability Aurora CMS "AURORA_MODULES_FOLDER" File Inclusion Vulnerability OBOphiX "chemin_lib" Parameter Remote File Inclusion Vulnerability PHPope Multiple Parameter Remote File Inclusion Vulnerabilities FreeSchool "CLASSPATH" Parameter File Inclusion Vulnerabilities Ve-EDIT Two Remote and Local File Inclusion Vulnerabilities Kingcms "CONFIG[AdminPath]" Parameter File Inclusion Vulnerability DreamCost Multiple File Inclusion and SQL Injection Vulnerabilities phpSANE "file_save" Parameter Remote File Inclusion Vulnerability Moa Gallery Remote File Inclusion and File Disclosure Vulnerabilities Vtiger CRM Code Execution and Information Disclosure Vulnerabilities Gentoo Security Update Fixes DokuWiki Local File Inclusion Vulnerability OpenNews "username" Parameter Remote SQL Injection Vulnerability Tenrok Command Injection and Information Disclosure Vulnerabilities MyBackup Remote File Inclusion and Disclosure Vulnerabilities In-Portal "env" Parameter Processing Local File Inclusion Vulnerability Elgg "js" Parameter Processing Local File Inclusion Vulnerability MAXcms Remote File Inclusion and Disclosure Vulnerabilities Arab Portal "module" Parameter Local File Inclusion Vulnerability ProjectButler "offset" Parameter Remote PHP File Inclusion Vulnerability Meta Search Engine "url" Remote File Disclosure Vulnerability MiniCWB "LANG" Parameter Remote File Inclusion Vulnerabilities WordPress Multiple Security Bypass and Information Disclosure Issues ADbNewsSender "path_to_lang" Local File Inclusion Vulnerability CMS Chainuk Multiple Code Injection and File Inclusion Vulnerabilities PHP-Sugar "t" Parameter Processing File Disclosure Vulnerability Kasseler CMS File Disclosure and Cross Site Scripting Vulnerabilities Campsite "g_campsiteDir" Remote and Local File Inclusion Vulnerabilities pc4 Uploader "file" Parameter Remote File Disclosure Vulnerability Fedora Security Update Fixes php-ZendFramework Local File Inclusion MooFAQ Component for Joomla "file" Local File Inclusion Vulnerability OCS Inventory NG Server SQL Injection and File Disclosure Vulnerabilities Flyspeck CMS "lang" Parameter Local File Inclusion Vulnerability Harland Multiple Products Remote PHP Code Injection Vulnerability TinyButStrong "script" Parameter File Source Disclosure Vulnerability Php Recommend PHP Code Execution and Authentication Bypass Issues ProjectCMS File Upload and Information Disclosure Vulnerabilities QT-cute QuickTeam "qte_web_path" and "qte_root" File Inclusion Issues vbDrupal Cross Site Scripting and Information Disclosure Vulnerabilities Drupal Exif Module Data Handling Cross Site Scripting Vulnerability Symantec Products Log Viewer Feature Script Injection Vulnerabilities SAP Products cFolders Multiple Cross Site Scripting Vulnerabilities ElkaGroup Image Gallery Arbitrary File Upload Vulnerability MoinMoin "AttachFile.py" File Multiple Cross Site Scripting Vulnerabilities FunGamez SQL Injection and Local File Inclusion Vulnerabilities Flatnux Multiple Local File Inclusion and File Upload Vulnerabilities Studio Lounge Address Book Arbitrary PHP File Upload Vulnerability Multi-lingual E-Commerce System File Inclusion and Security Bypass Novell NetStorage Information Disclosure and DoS Vulnerabilities Apache Geronimo Cross Site Scripting and Directory Traversal Issues Drupal Multiple Module Data Handling Cross Site Scripting Vulnerabilities phpMyAdmin Setup Script Remote PHP Code Injection Vulnerability ContentKeeper Command Injection and Privilege Escalation Vulnerabilities phpMyAdmin HTTP Response Splitting and File Inclusion Vulnerabilities PHPizabi Remote Code Execution and SQL Injection Vulnerabilities Golabi "cur_module" Parameter Remote PHP File Inclusion Vulnerability Drupal Template File Selection Local File Inclusion Vulnerability Pyrophobia "pid" Parameter Handling Local File Inclusion Vulnerability Free Arcade Script "template" Parameter Local File Inclusion Vulnerability pPIM "id" Parameter Handling Local File Inclusion Vulnerability Blue Utopia "page" Parameter Handling Local File Inclusion Vulnerability Autopost Bot Mod for phpBB "phpbb_root_path" File Inclusion Vulnerability YACS "context[path_to_root]" Remote PHP File Inclusion Vulnerability Potato News "user" Parameter Handling Local File Inclusion Vulnerability Papoo "pfadhier" Parameter Handling Local File Inclusion Vulnerability WebFrame Multiple Parameter Handling File Inclusion Vulnerabilities Yet Another NOCC "lang" Parameter Local File Inclusion Vulnerability SnippetMaster File Inclusion and Cross Site Scripting Vulnerabilities AdaptCMS Remote File Inclusion and Cross Site Scripting Vulnerabilities phpYabs "Azione" Parameter Remote File Inclusion Vulnerability 1024 CMS "page_include" Parameter Remote File Inclusion Vulnerability Syntax Desktop "synTarget" Parameter Local File Inclusion Vulnerability PHPbbBook "l" Parameter Handling Local File Inclusion Vulnerability Horde Products Cross Site Scripting and Local File Inclusion Vulnerabilities GameScript Remote SQL Injection and Local File Inclusion Vulnerabilities Pixie Multiple Parameter Handling Local File Inclusion Vulnerabilities WB News "config[installdir]" Remote File Inclusion Vulnerabilities AXIS 70U Network Document Server Information Disclosure Vulnerabilities DMXReady SDK "filename" Remote File Disclosure Vulnerability Realtor 747 "INC_DIR" Parameter Remote File Inclusion Vulnerability Broadcast Machine "baseDir" Remote File Inclusion Vulnerabilities MODx Remote File Inclusion and Cross Site Scripting Vulnerabilities Simple RSS Reader for Joomla Remote File Inclusion Vulnerability OTManager "Tipo" Parameter Handling File Inclusion Vulnerability Enthusiast "path" Parameter Handling File Inclusion Vulnerability Dada Mail Manager "mosConfig_absolute_path" Inclusion Vulnerability Agares ThemeSiteScript "loadadminpage" File Inclusion Vulnerability Fast Click SQL Lite "CFG[CDIR]" Remote File Inclusion Vulnerability asiCMS "[asicms][path]" Parameter File Inclusion Vulnerabilities WebBiscuits Events Calendar "path[docroot]" File Inclusion Vulnerability basebuilder "mj_config[src_path]" PHP File Inclusion Vulnerability phpRealty "INC" Parameter Remote File Inclusion Vulnerability PHP-Crawler "footer_file" Remote PHP File Inclusion Vulnerability DeeEmm CMS Remote File Inclusion and SQL Injection Vulnerabilities ATutor "type" Parameter Handling Remote File Inclusion Vulnerability EZWebAlbum "dlfilename" Remote File Disclosure Vulnerability gapicms "dirDepth" Remote PHP File Inclusion Vulnerability BoonEx Ray "sIncPath" Remote PHP File Inclusion Vulnerability Booby "renderer" Parameter Remote File Inclusion Vulnerabilities PhpRaider "pConfig_auth[phpbb_path]" PHP File Inlusion Vulnerability plusPHP Short URL "_pages_dir" Remote File Inlusion Vulnerability Scorp News "site" Parameter Remote File Inclusion Vulnerability VisualPic "_CONFIG[files][functions_page]" File Inclusion Vulnerability fuzzylime (cms) "admindir" Parameter Remote File Inclusion Vulnerability PHPauction GPL "include_path" Remote File Inclusion Vulnerabilities GROUP-E Collaboration Software Remote File Inclusion Vulnerability Connectix Boards "template_path" Remote File Inclusion Vulnerability Lama Software "MY_CONF[classRoot]" File Inclusion Vulnerabilities SNETWORKS PHP CLASSIFIEDS "path_escape" Remote File Inclusion NmnNewsletter "output" Parameter Remote File Inclusion Vulnerability Agares phpAutoVideo Remote and Local File Inclusion Vulnerabilities ViArt Products "root_folder_path" Parameter File Inclusion Vulnerability Fastpublish "config[fsBase]" Parameter PHP File Inclusion Vulnerability Mp3 ToolBox "skin_file" Parameter Remote File Inclusion Vulnerability DevMass Shopping Cart "kfm_base_path" PHP File Inclusion Vulnerability TalkBack Multiple Parameter Remote PHP File Inclusion Vulnerabilities meBiblio "action" Parameter Remote PHP File Inclusion Vulnerability Carousel Flash Image Gallery for Joomla PHP File Inclusion Vulnerability patBBCode "example" Parameter Remote PHP File Inclusion Vulnerability nuBoard "site" Parameter Handling Remote File Inclusion Vulnerability Vortex Portal "cfgProgDir" Parameter Remote File Inclusion Vulnerabilities scWiki "pathdot" Parameter Handling Remote File Inclusion Vulnerability GuppY "selskin" Parameter Local and Remote File Inclusion Vulnerability SyndeoCMS "cmsdir" Parameter Remote PHP File Inclusion Vulnerability BackUpWordPress "bkpwp_plugin_path" PHP File Inclusion Vulnerabilities awzMB "Setting[OPT_includepath]" Remote File Inclusion Vulnerabilities ZZ:FlashChat "file" Parameter Handling Local File Inclusion Vulnerability teatro "basePath" Parameter Handling Remote File Inclusion Vulnerability CaupoShop Pro "action" Parameter Remote File Inclusion Vulnerability GoSamba "include_path" Parameter Multiple File Inclusion Vulnerabilities Sige "SYS_PATH" Parameter Handling Remote File Inclusion Vulnerability LiveAlbum "livealbum_dir" Parameter Remote File Inclusion Vulnerability Flash Image Gallery for Joomla "mosConfig_live_site" File Inclusion Issue IDMOS "site_absolute_path" Variable Remote File Inclusion Vulnerability Picturesolution "path" Parameter Remote PHP File Inclusion Vulnerability Crea-CMS "cfg[document_uri]" Remote PHP File Inclusion Vulnerabilities Panoramic Picture Viewer for Joomla Remote File Inclusion Vulnerability xKiosk WEB "PEARPATH" Parameter Remote File Inclusion Vulnerability Poppawid "form" Parameter Handling Remote File Inclusion Vulnerability Segue CMS "themesdir" Variable Remote PHP File Inclusion Vulnerability phpwcms-xt "HTML_MENU_DirPath" Remote File Inclusion Vulnerabilities phpbb-openid "openid_root_path" Remote PHP File Inclusion Vulnerability Mx At A Glance for mxBB "mx_root_path" Remote File Inclusion Vulnerability actSite "BaseCfg[BaseDir]" Parameter Remote File Inclusion Vulnerability PhFiTo "SRC_PATH" Parameter Handling Remote File Inclusion Vulnerability Public Media Manager "indir" Parameter Remote File Inclusion Vulnerability IntegraMOD Nederland(s) "phpbb_root_path" PHP File Inclusion Vulnerability iziContents Multiple Parameter Remote and Local File Inclusion Vulnerabilities SK.LOG "SKIN_URL" Parameter Handling Remote File Inclusion Vulnerability DFD Cart "set_depth" Parameter Multiple Remote File Inclusion Vulnerabilities Helplink "file" Parameter Processing Remote File Inclusion Vulnerability WordSmith "_path" Parameter Processing Remote File Inclusion Vulnerability phpBB2 Plus "phpbb_root_path" Remote PHP File Inclusion Vulnerabilities phpFFL "PHPFFL_FILE_ROOT" Parameter PHP File Inclusion Vulnerabilities Ajax File Browser "approot" Parameter Remote File Inclusion Vulnerability Joomla!Radio for Joomla "mosConfig_live_site" File Inclusion Vulnerability WebED "Codebase" Parameter Handling Remote File Inclusion Vulnerabilities Focus/SIS "FocusPath" Parameter Handling Remote File Inclusion Vulnerabilities Focus/SIS "staticpath" Parameter Handling Remote File Inclusion Vulnerabilities phpMyTourney "functions_file" Parameter Remote File Inclusion Vulnerability PHP Object Framework "PHPOF_INCLUDE_PATH" File Inclusion Vulnerability STPHPLib "STPHPLIB_DIR" Parameter Remote File Inclusion Vulnerabilities eNetman "page" Parameter Processing Remote File Inclusion Vulnerability Weblogicnet "files_dir" Parameter Handling Remote File Inclusion Vulnerabilities SomeryC "skindir" Parameter Processing Remote File Inclusion Vulnerability PhpGedView Multiple Parameter Handling Cross Site Scripting Vulnerabilities FrontAccounting "path_to_root" Parameter Remote File Inclusion Vulnerability Confixx Pro "thisdir" Parameter Processing Remote File Inclusion Vulnerability Form Processor Pro "base_path" Parameter Processing Cross Site Scripting Issue FORMfields Secure "user" and "pwd" Parameters Cross Site Scripting Issues Joomla "searchword" Parameter Processing Remote Code Injection Vulnerability BBS E-Market Professional "p_mode" Parameter PHP File Inclusion Vulnerability SupaNav Module for phpBB "phpbb_root_path" Remote File Inclusion Vulnerability ISS Proventia GX Series Cross Site Scripting and File Inclusion Vulnerabilities FlashBB "phpbb_root_path" Parameter Handling Remote File Inclusion Vulnerability LimeSurvey "homedir" Parameter Handling Remote PHP File Inclusion Vulnerabilities sPHPell "SpellIncPath" Parameter Handling Remote PHP File Inclusion Vulnerabilities Ripe Wepsite Manager "level" Parameter Remote PHP File Inclusion Vulnerabilities B1G Bulletin Board "tfooter" Parameter Processing Remote File Inclusion Vulnerability phpTrafficA "pageid" and "lang" SQL Injection and Local File Inclusion Vulnerabilities Dagger "dir_edge_lang" Parameter Processing Remote File Inclusion Vulnerability Sun Board "sunPath" and "dir" Parameters Remote PHP File Inclusion Vulnerabilities Powl "_POWL[installPath]" Parameter Processing Remote File Inclusion Vulnerability SERWeb "_SERWEB[serwebdir]" Parameter Handling File Inclusion Vulnerability Jasmine CMS Local File Inclusion and Remote SQL Query Injection Vulnerabilities PHP::HTML "htmlclass_path" Parameter Handling Remote File Inclusion Vulnerability Horoscope Module for Xoops "xoopsConfig[root_path]" File Inclusion Vulnerability PHP Real Estate Classifieds "loc" Parameter Remote PHP File Inclusion Vulnerability Kravchuk Letter Script "scdir" Parameter Handling Remote File Inclusion Vulnerabilities SunLight CMS "root" Parameter Handling Remote PHP File Inclusion Vulnerability Libstats "rInfo[content]" Parameter Handling Remote PHP File Inclusion Vulnerability Media Gallery for Geeklog "_MG_CONF[path_html]" Remote File Inclusion Vulnerability Linksnet Newsfeed "dirpath_linksnet_newsfeed" Remote PHP File Inclusion Vulnerability CAPTCHA Plugin for Geeklog "_CONF[path]" Parameter File Inclusion Vulnerability Mazen PHP Chat "basepath" Parameter Handling Remote File Inclusion Vulnerabilities FlaP "pachtofile" Parameter Handling Remote PHP File Inclusion Vulnerabilities OpenBASE "root_prefix" Parameter Handling Remote PHP File Inclusion Vulnerabilities WebAvis "root" Parameter Handling Remote PHP File Inclusion Vulnerability FirmWorx Multiple Parameter Handling Remote PHP File Inclusion Vulnerabilities OlBookmarks "root" Parameter Handling Remote PHP File Inclusion Vulnerabilities Scallywag "path" and "skin_name" Parameters Remote and Local File Inclusion Issues PHPGlossar "format_menue" Parameter Handling Remote File Inclusion Vulnerabilities Glossword "sys[path_addon]" Parameter Remote PHP File Inclusion Vulnerability Feindt News-Script "action" Parameter Handling Remote PHP File Inclusion Vulnerability NagiosQL "SETS[path][physical]" and "SETS[path][IT]" PHP File Inclusion Vulnerability Beacon "languagePath" Parameter Handling Remote PHP File Inclusion Vulnerability Jimmac Original Photo Gallery "x[1]" Parameter Remote PHP File Inclusion Vulnerability telltarget CMS "tt_docroot" Parameter Handling Remote PHP File Inclusion Vulnerabilities AForum "CommonAbsDir" Parameter Handling Remote PHP File Inclusion Vulnerability Miplex2 "system[smarty][dir]" Parameter Handling Remote File Inclusion Vulnerability GNU Edu "ETCDIR" and "LIBSDIR" Parameters Remote File Inclusion Vulnerabilities PHPLojaFacil "path_local" Parameter Handling Remote PHP File Inclusion Vulnerabilities CGX "pathCGX" Parameter Processing Remote PHP File Inclusion Vulnerabilities Berylium "beryliumroot" Parameter Handling Remote PHP File Inclusion Vulnerability DynamicPAD "HomeDir" Parameter Handling Remote PHP File Inclusion Vulnerabilities Tropicalm Crowell Resource "RESPATH" Parameter Remote File Inclusion Vulnerabilities Wikivi5 "sous_rep" Parameter Handling Remote PHP File Inclusion Vulnerability NoAh "tpls[1]" Parameter Handling Remote PHP File Inclusion Vulnerability Watermark for Gallery "GALLERY_BASEDIR" Remote PHP File Inclusion Vulnerability PHP TopTree BBS "right_file" Parameter Handling Remote File Inclusion Vulnerability Persism CMS "system[path]" Parameter Handling Remote File Inclusion Vulnerabilities PMECMS "config[pathMod]" Parameter Handling Remote File Inclusion Vulnerabilities Workbench "path" Parameter Handling Remote PHP File Inclusion Vulnerability Versado CMS "urlModulo" Parameter Handling Remote PHP File Inclusion Vulnerability E-GADS! "locale" Parameter Handling Remote PHP File Inclusion Vulnerability Open Translation Engine "ote_home" Parameter Handling File Inclusion Vulnerability myFlash Plugin for WordPress "wppath" Parameter Remote File Inclusion Vulnerability wordTube Plugin for WordPress "wppath" Parameter Remote File Inclusion Vulnerability WP-Table Plugin for WordPress "wppath" Parameter Remote File Inclusion Vulnerability The Merchant "show" Parameter Handling Multiple Remote File Inclusion Vulnerability Imageview "album" Parameter Handling Local Arbitrary File Inclusion Vulnerability myGallery Plugin for Wordpress "myPath" Parameter Remote File Inclusion Vulnerability burnCMS "root" Parameter Handling Multiple Remote PHP File Inclusion Vulnerabilities PHP Band Manager "pg" Parameter Handling Remote PHP File Inclusion Vulnerability Wavewoo "path_include" Parameter Handling Remote PHP File Inclusion Vulnerability Sinato Jmuffin "relPath" and "folder" Parameters Remote File Inclusion Vulnerabilities Post Revolution "dir" Parameter Handling Multiple Remote File Inclusion Vulnerabilities ACVS WebServices "CheminInclude" Parameter Remote File Inclusion Vulnerability Supasite "supa[db_path]" and "supa[include_path]" Remote File Inclusion Vulnerabilities OpenSurveyPilot "cfgPathToProjectAdmin" and "cfgPathToConf" Inclusion Vulnerabilities Rezervi Generic "root" Parameter Handling Remote PHP File Inclusion Vulnerabilities jGallery "G_JGALL[inc_path]" Parameter Handling Remote File Inclusion Vulnerability Cabron Connector "CabronServiceFolder" Parameter Remote File Inclusion Vulnerability AjPortal "PagePrefix" Parameter Handling Remote PHP File Inclusion Vulnerabilities Anthologia "ads_file" Parameter Handling Remote PHP File Inclusion Vulnerability Tsdisplay4xoops "xoops_url" Parameter Handling Remote File Inclusion Vulnerability StoreFront for Gallery "GALLERY_BASEDIR" Parameter PHP File Inclusion Vulnerabilities WebSlider "path" Parameter Handling Remote PHP File Inclusion Vulnerabilities Pixaria Gallery "cfg[sys][base_path]" Parameter Remote PHP File Inclusion Vulnerability Garennes "repertoire_config" Parameter Handling Remote File Inclusion Vulnerabilities CodeBreak "process_method" Parameter Handling Remote File Inclusion Vulnerability SimpCMS Light "site" Parameter Handling Remote PHP File Inclusion Vulnerability Weatimages "ini[langpack]" Parameter Handling Remote File Inclusion Vulnerability phpGalleryScript "include_class" Parameter Remote PHP File Inclusion Vulnerability Pathos CMS "file" Parameter Handling Remote PHP File Inclusion Vulnerability Song Request System "id" Parameter Handling Remote PHP File Inclusion Vulnerability MyNews "myNewsConf[path][sys][index]" Parameter Remote File Inclusion Vulnerability PHP121 "php121dir" Parameter Handling Remote PHP File Inclusion Vulnerability MyBlog "id" and "scoreid" Parameters Handling Remote PHP File Inclusion Vulnerabilities Scorp Book "config" Parameter Handling Remote PHP File Inclusion Vulnerability AROUNDMe Multiple Parameter Handling Remote PHP File Inclusion Vulnerabilities MySpeach "my_ms[root]" Parameter Handling Remote PHP File Inclusion Vulnerability MapLab "gszAppPath" Parameter Handling Remote PHP File Inclusion Vulnerability Really Simple PHP and Ajax (RSPA) Multiple Parameter File Inclusion Vulnerabilities BT-Sondage "repertoire_visiteur" Parameter Remote PHP File Inclusion Vulnerability Advanced Login "root" Parameter Handling Remote PHP File Inclusion Vulnerability Ay System Web Content System "path[JavascriptEdit]" PHP File Inclusion Vulnerability Philex Multiple Parameter PHP File Inclusion and Arbitrary File Disclosure Vulnerabilities LAN Management System Multiple Parameter Remote PHP File Inclusion Vulnerability Digital Eye CMS "menu" Parameter Handling Remote PHP File Inclusion Vulnerability Study Planner "SPL_CFG[dirroot]" Parameter Handling Remote File Inclusion Vulnerability Active PHP Bookmark Notes "APB_SETTINGS[template_path]" Inclusion Vulnerability PHP DB Designer Multiple Parameter Handling Remote File Inclusion Vulnerabilities GroupIT "c_basepath" Parameter Handling Remote PHP File Inclusion Vulnerabilities GestArt "aide" Parameter Handling Remote PHP File Inclusion Vulnerability MySQL Commander "home" Parameter Handling Remote File Inclusion Vulnerability WebCreator "moddir" Parameter Handling Remote PHP File Inclusion Vulnerabilities WORK System E-commerce "g_include" Parameter Remote File Inclusion Vulnerability JCcorp URLshrink "formurl" Parameter Handling Remote PHP File Inclusion Vulnerability Web Organizer "baseDir" Parameter Handling Remote PHP File Inclusion Vulnerability GeoSoft Magic CMS "file" Parameter Handling Remote PHP File Inclusion Vulnerability PostGuestbook Module for PostNuke "tpl_pgb_moddir" PHP File Inclusion Vulnerability aWebNews "path_to_news" Parameter Handling Remote PHP File Inclusion Vulnerability STWC-Counter "stwc_counter_verzeichniss" Parameter PHP File Inclusion Vulnerability Sinapis Forum "fuss" Parameter Handling Remote PHP File Inclusion Vulnerability Sinapis Gastebuch "fuss" Parameter Handling Remote PHP File Inclusion Vulnerability FCRing "s_fuss" Parameter Handling Remote PHP File Inclusion Vulnerability CS-Gallery "album" Parameter Handling Remote PHP File Inclusion Vulnerability PHP Module Implementation Project "laypath" Parameter PHP File Inclusion Vulnerability LoveCMS Multiple Parameter Handling File Inclusion and SQL Injection Vulnerabilities ZPanel "body" and "page" Parameters Handling Remote PHP File Inclusion Vulnerability eFiction "path_to_smf" Parameter Handling Remote PHP File Inclusion Vulnerability FlashGameScript "func" Parameter Handling Remote PHP File Inclusion Vulnerability Ultimate Fun Board "gbpfad" Parameter Handling Remote File Inclusion Vulnerability SendStudio "ROOTDIR" Parameter Handling Remote PHP File Inclusion Vulnerability VS-Link-Partner "script_pfad" Parameter Handling Remote File Inclusion Vulnerability VS-News-System "newsordner" Parameter Handling Remote File Inclusion Vulnerability VS-Gastebuch "gb_pfad" Parameter Handling Remote PHP File Inclusion Vulnerability Htaccess Passwort Generator "ht_pfad" Parameter Remote File Inclusion Vulnerability AT Contenator "Root_To_Script" Parameter Handling Remote File Inclusion Vulnerability DreamStats "rootpath" Parameter Handling Remote PHP File Inclusion Vulnerability Flipsource Flip "inc_path" Parameter Handling Remote PHP File Inclusion Vulnerability ezConvert "ezconvert_dir" Parameter Handling Remote PHP File Inclusion Vulnerability phpEventMan "level" Parameter Handling Remote PHP File Inclusion Vulnerabilities Epistemon "inc_path" Parameter Handling Remote PHP File Inclusion Vulnerability Portail Web Php "site_path" Parameter Handling Remote File Inclusion Vulnerability Cadre "GLOBALS[config][framework_path]" Remote PHP File Inclusion Vulnerability PHPMyRing "fichier" Parameter Handling Remote PHP File Inclusion Vulnerability JV2 Folder Gallery "galleryfilesdir" Parameter Remote PHP File Inclusion Vulnerability EncapsCMS "config[path]" Parameter Handling Remote File Inclusion Vulnerability MyNews "myNewsConf[path][sys][index]" Parameter Remote File Inclusion Vulnerability GuppY "error.php" Multiple Parameter Handling Remote Code Execution Vulnerabilities EclipseBB "phpbb_root_path" Parameter Handling Remote File Inclusion Vulnerability Foro Domus "sesion_idioma" Parameter Handling Remote File Inclusion Vulnerability PhP Generic Library and Framework for Comm "include_path" File Inclusion Vulnerability nsGalPHP "racineTBS" Parameter Handling Remote PHP File Inclusion Vulnerability ACGVclick "path" Parameter Handling Remote PHP File Inclusion Vulnerability Drunken:Golem Gaming Portal "root_path" Parameter Remote File Inclusion Vulnerability Xt-Stats "server_base_dir" Parameter Handling Remote PHP File Inclusion Vulnerability phpMyReports "cfgPathModule" Parameter Remote PHP File Inclusion Vulnerability MyPHPCommander "gl_root" Parameter Handling Remote File Inclusion Vulnerability AINS "ains_path" Parameter Handling Remote PHP File Inclusion Vulnerability Virtual Path for phpBB "phpbb_root_path" Parameter Remote File Inclusion Vulnerability RPW "sql_language" Parameter Handling Remote PHP File Inclusion Vulnerability Inter7 vHostAdmin "MODULES_DIR" Parameter Remote PHP File Inclusion Vulnerability FreeWebshop.org "lang_file" Parameter Handling Remote File Inclusion Vulnerability BBClone "BBC_LIB_PATH" Parameter Handling Remote File Inclusion Vulnerability phpXD "path" Parameter Handling Multiple Remote PHP File Inclusion Vulnerabilities VisoHotlink "mosConfig_absolute_path" Parameter Remote File Inclusion Vulnerability Mafia Scum Tools "gen" Parameter Handling Remote PHP File Inclusion Vulnerability MySpeach "my_ms[root]" Parameter Handling Remote PHP File Inclusion Vulnerability Neon Labs Website "g_strRootDir" Parameter Handling Remote File Inclusion Vulnerability phpIndexPage "env[inc_path]" Parameter Handling Remote File Inclusion Vulnerability ComVironment "inc_dir" Parameter Handling Remote PHP File Inclusion Vulnerability Upload-Service "maindir" Parameter Handling Remote PHP File Inclusion Vulnerability Bradabra "include_path" Parameter Handling Remote PHP File Inclusion Vulnerability PhpSherpa "racine" Parameter Handling Remote PHP File Inclusion Vulnerability PHPMyphorum "chem" Parameter Handling Remote PHP File Inclusion Vulnerability Uberghey CMS "setup_folder" Parameter Handling Remote File Inclusion Vulnerability Oreon "file" Parameter Handling Remote PHP File Inclusion Vulnerability FdWeB Espace Membres "path" Parameter Handling Remote File Inclusion Vulnerability LunarPoll "PollDir" Parameter Handling Remote PHP File Inclusion Vulnerability TLM CMS "chemin" Parameter Handling Remote PHP File Inclusion Vulnerability Poplar Gedcom Viewer "env[rootPath]" Parameter Remote File Inclusion Vulnerability Edit-X ECOMMERCE "include_dir" Parameter Remote PHP File Inclusion Vulnerability Magic Photo Storage "_config[site_path]" Parameter Remote File Inclusion Vulnerability Axiom Photo Gallery "baseAxiomPath" Parameter Remote File Inclusion Vulnerability NUNE News Script "custom_admin_path" Parameter Remote File Inclusion Vulnerablities Aratix "current_path" Parameter Handling Remote PHP File Inclusion Vulnerability Yrch! "path" Parameter Handling Remote PHP File Inclusion Vulnerability Bubla "bu_config[dir]" and "bu_dir" Parameters Remote PHP File Inclusion Vulnerabilities Event Calendar for Limbo CMS "lm_absolute_path" Remote File Inclusion Vulnerability Character Roster for Shadowed Portal "mod_root" Remote File Inclusion Vulnerability Okul Merkezi Portal "page" Parameter Handling Remote PHP File Inclusion Vulnerability PhpbbXtra "phpbb_root_path" Parameter Handling Remote File Inclusion Vulnerability MTCMS "ins_file" Parameter Handling Remote PHP File Inclusion Vulnerability Ciberia Content Federator "path" Parameter Handling Remote File Inclusion Vulnerability Irokez CMS Multiple Parameter Handling Remote PHP File Inclusion Vulnerabilities Jinzora "include_path" Parameter Handling Remote PHP File Inclusion Vulnerabilities Pagetool "ptconf[src]" Parameter Handling Remote PHP File Inclusion Vulnerability SH-News "news_cfg[path]" Parameter Handling Remote PHP File Inclusion Vulnerability KISGB "default_path_for_themes" Parameter Handling Remote File Inclusion Vulnerability Inertianews Multiple Parameter Handling Remote PHP File Inclusion Vulnerabilities PHPBuilder "filename" Parameter Handling Remote Directory Traversal Vulnerability PowerClan "settings[footer]" Parameter Handling Remote PHP File Inclusion Vulnerability Newxooper-php "chemin" Parameter Handling Remote PHP File Inclusion Vulnerabilities cwmExplorer "show_file" Parameter Handling Remote Directory Traversal Vulnerability PgmReloaded Multiple Parameter Handling Remote PHP File Inclusion Vulnerabilities TextSend Multiple Parameter Remote File Inclusion and Cross Site Scripting Vulnerabilities phpProfiles Multiple Parameter Handling Remote PHP File Inclusion Vulnerabilities Paristemi "SERVER_DIRECTORY" Parameter Remote PHP File Inclusion Vulnerability cwmVote "abs" Parameter Handling Remote PHP File Inclusion Vulnerability cwmCounter "path" Parameter Handling Remote PHP File Inclusion Vulnerability Azucar CMS "_VIEW" Parameter Handling Remote PHP File Inclusion Vulnerability VerliAdmin Multiple Parameter Handling File Inclusion and SQL Injection Vulnerabilities RateMe "pathtoscript" Parameter Handling Remote PHP File Inclusion Vulnerability Web Links Module for mxBB "module_root_path" Remote File Inclusion Vulnerability Charts Module for mxBB "module_root_path" Remote PHP File Inclusion Vulnerability Meeting Module for mxBB "module_root_path" Remote PHP File Inclusion Vulnerability PhpMyCms "basepath" Parameter Handling Remote PHP File Inclusion Vulnerability BLOG:CMS "DIR_ADMIN" Parameter Handling Remote PHP File Inclusion Vulnerability phpMiX Modsdb for mxBB "module_root_path" Remote PHP File Inclusion Vulnerability Knowledge Base for mxBB "module_root_path" Remote PHP File Inclusion Vulnerability Newssuite Module for mxBB "module_root_path" Remote PHP File Inclusion Vulnerability ErrorDocs Module for mxBB "module_root_path" Remote File Inclusion Vulnerability Profile Control Panel for mxBB "module_root_path" Remote File Inclusion Vulnerability Activity Games Module for mxBB "mx_root_path" Variable Remote File Inclusion Vulnerability Barman "basepath" Parameter Handling Remote PHP File Inclusion Vulnerability b2evolution "inc_path" Parameter Handling Remote PHP File Inclusion Vulnerability KDPics Multiple Parameter Handling File Inclusion and Cross Site Scripting Vulnerabilities Gizzar "basePath" Variable Handling Multiple Script Remote File Inclusion Vulnerabilities Profile Control Panel for mxBB "module_root_path" Remote File Inclusion Vulnerability CM68News Remote PHP File Inclusion and Client-Side Cross Site Scripting Vulnerabilities ThinkEdit "template_file" Parameter Handling Remote PHP File Inclusion Vulnerability J-OWAMP Web Interface Remote File Inclusion and Command Injection Vulnerabilities JCE Admin Component for Joomla File Inclusion and Cross Site Scripting Vulnerabilities Aj-fork for CuteNews "cutepath" Parameter Remote PHP File Inclusion Vulnerability Awrate "toroot" Parameter Handling Remote PHP File Inclusion Vulnerabilities Mx_tinies for mxBB "module_root_path" Parameter Remote File Inclusion Vulnerability PHP Upload Center "footerpage" and "language" PHP File Inclusion Vulnerabilities Campware Campsite "g_documentRoot" Parameter PHP File Inclusion Vulnerabilities Sisfo Kampus "slnt" and "fn" File Inclusion and Directory Traversal Vulnerabilities a-ConMan "cm_basedir" Parameter Handling Remote File Inclusion Vulnerability NukeAI Module for PHP-Nuke "AIbasedir" Variable Remote File Inclusion Vulnerability OWLLib "OWLLIB_ROOT" Parameter Handling Remote File Inclusion Vulnerability HIOX Star Rating System Script Remote File Inclusion and SQL Injection Vulnerabilities Site News "page" Parameter Handling Remote PHP File Inclusion Vulnerability Messagerie Locale "page" Parameter Handling Remote File Inclusion Vulnerability e-Ark "cfg_pear_path" Parameter Handling Remote PHP File Inclusion Vulnerability CalSnails Module for MxBB Portal "module_root_path" File Inclusion Vulnerability Oliver "conf[motdfile]" Parameter Handling Remote PHP File Inclusion Vulnerability PHPQuickGallery "textFile" Parameter Handling PHP File Inclusion Vulnerability WORK system e-commerce "g_include" Parameter File Inclusion Vulnerabilities Comdev One Admin Pro "path[docroot]" and "path[skin]" File Inclusion Vulnerabilities phpPeanuts "Include" Parameter Handling Remote PHP File Inclusion Vulnerability Aigaion "DIR" Parameter Handling Remote PHP File Inclusion Vulnerabilities StoryStream "baseDir" Parameter Handling Remote File Inclusion Vulnerabilities Fantastic News "CONFIG[script_path]" Variable Remote File Inclusion Vulnerabilities SocketMail "site_path" Parameter Handling Remote File Inclusion Vulnerability Cacti Multiple File Inclusion and SQL Injection Vulnerabilities 100 last CVE   CVE-2012-4867 CVE-2012-4032 CVE-2012-1496 CVE-2012-1205 CVE-2011-4679 CVE-2011-4670 CVE-2011-3981 CVE-2010-2918 CVE-2010-2786 CVE-2010-2681 CVE-2010-2358 CVE-2010-2341 CVE-2010-2314 CVE-2010-2146 CVE-2010-2128 CVE-2010-1944 CVE-2010-1927 CVE-2010-1926 CVE-2010-1922 CVE-2010-1921 CVE-2010-1920 CVE-2010-1737 CVE-2010-1267 CVE-2010-1266 CVE-2010-1216 CVE-2010-0983 CVE-2010-0754 CVE-2009-5095 CVE-2009-4986 CVE-2009-4978 CVE-2009-4977 CVE-2009-4725 CVE-2009-4693 CVE-2009-4627 CVE-2009-4614 CVE-2009-4512 CVE-2009-4472 CVE-2009-4471 CVE-2009-4321 CVE-2009-4319 CVE-2009-3636 CVE-2009-3635 CVE-2009-3634 CVE-2009-3633 CVE-2009-3632 CVE-2009-3631 CVE-2009-3630 CVE-2009-3629 CVE-2009-3628 CVE-2009-3426 CVE-2009-3425 CVE-2009-3424 CVE-2009-3312 CVE-2009-3307 CVE-2009-3306 CVE-2009-3258 CVE-2009-3257 CVE-2009-3251 CVE-2009-3250 CVE-2009-3249 CVE-2009-3248 CVE-2009-3247 CVE-2009-3188 CVE-2009-3174 CVE-2009-3149 CVE-2009-3065 CVE-2009-3064 CVE-2009-3056 CVE-2009-2791 CVE-2009-2736 CVE-2009-2735 CVE-2009-2449 CVE-2009-2444 CVE-2009-2432 CVE-2009-2431 CVE-2009-2398 CVE-2009-2336 CVE-2009-2335 CVE-2009-2334 CVE-2009-2333 CVE-2009-2332 CVE-2009-2331 CVE-2009-2330 CVE-2009-2263 CVE-2009-2229 CVE-2009-2228 CVE-2009-2183 CVE-2009-2182 CVE-2009-2181 CVE-2009-2180 CVE-2009-2015 CVE-2009-1960 CVE-2009-1781 CVE-2009-1780 CVE-2009-1779 CVE-2009-1771 CVE-2009-1770 CVE-2009-1653 CVE-2009-1576 CVE-2009-1575    Risk level  Low