Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pblang pblang vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-5062
PHP remote file inclusion vulnerability in templates/pb/language/lang_nl.php in PBLang (PBL) 4.66z and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the temppath parameter.
Pblang Pblang 4.66
Pblang Pblang
Pblang Pblang 4.0
Pblang Pblang 4.56 4.5 Rc2
Pblang Pblang 4.6
Pblang Pblang 4.63
Pblang Pblang 4.65
1 EDB exploit
2.1
CVSSv2
CVE-2005-0630
sendpm.php in PBLang 4.63 allows remote authenticated users to read arbitrary files via a full pathname in the orig parameter.
Pblang Pblang 4.0
Pblang Pblang 4.56 4.5 Rc2
Pblang Pblang 4.6
Pblang Pblang 4.63
2.1
CVSSv2
CVE-2005-0631
delpm.php in PBLang 4.63 allows remote authenticated users to delete arbitrary PM files by modifying the "id" and "a" parameters.
Pblang Pblang 4.0
Pblang Pblang 4.56 4.5 Rc2
Pblang Pblang 4.6
Pblang Pblang 4.63
6.8
CVSSv2
CVE-2007-3096
Directory traversal vulnerability in login.php in PBLang (PBL) 4.67.16.a and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Pblang Pblang
1 EDB exploit
10
CVSSv2
CVE-2007-1052
PHP remote file inclusion vulnerability in index.php in PBLang (PBL) 4.60 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the dbpath parameter, a different vector than CVE-2006-5062. NOTE: this issue has been disputed by a reliable t...
Pblang Pblang
4.3
CVSSv2
CVE-2005-0526
Multiple cross-site scripting (XSS) vulnerabilities in PBLang 4.65 allow remote malicious users to inject arbitrary web script or HTML via (1) the search string to search.php, (2) the subject of a PM, which is processed by pm.php, or (3) the body of a PM, which is processed by pm...
Pblang Pblang 4.65
7.5
CVSSv2
CVE-2005-2893
Direct static code injection vulnerability in setcookie.php in PBLang 4.65, and possibly earlier versions, allows remote malicious users to execute arbitrary PHP code via the username (u parameter), which is directly injected into a file that is later executed upon login.
Pblang Pblang 4.65
4.3
CVSSv2
CVE-2005-2894
Cross-site scripting (XSS) vulnerability in the user registration in PBLang 4.65, and possibly earlier versions, allows remote malicious users to inject arbitrary web script or PHP via the location field.
Pblang Pblang 4.65
5
CVSSv2
CVE-2005-2895
setcookie.php in PBLang 4.65, and possibly earlier versions, allows remote malicious users to obtain sensitive information via a %00 (a null byte) in the u parameter, which reveals the path in an error message.
Pblang Pblang 4.65
5
CVSSv2
CVE-2005-2892
Directory traversal vulnerability in setcookie.php in PBLang 4.65, and possibly earlier versions, allows remote malicious users to read arbitrary files via ".." sequences and "%00" (trailing null byte) in the u parameter.
Pblang Pblang 4.65
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »