Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phlatline personal information manager 1.0 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv2
CVE-2008-4425
Directory traversal vulnerability in upload.php in Phlatline's Personal Information Manager (pPIM) 1.0 allows remote malicious users to delete arbitrary files via directory traversal sequences in the file parameter within a delfile action.
Phlatline Personal Information Manager 1.0
3 EDB exploits
4.3
CVSSv2
CVE-2008-4426
Cross-site scripting (XSS) vulnerability in events.php in Phlatline's Personal Information Manager (pPIM) 1.0 allows remote malicious users to inject arbitrary web script or HTML via the date parameter in a new action.
Phlatline Personal Information Manager 1.0
3 EDB exploits
7.5
CVSSv2
CVE-2008-4427
changepassword.php in Phlatline's Personal Information Manager (pPIM) 1.0 and previous versions does not require administrative authentication, which allows remote malicious users to change arbitrary passwords.
Phlatline Personal Information Manager
3 EDB exploits
10
CVSSv2
CVE-2008-4428
Unrestricted file upload vulnerability in upload.php in Phlatline's Personal Information Manager (pPIM) 1.0 and previous versions allows remote malicious users to execute arbitrary code by uploading a .php file, then accessing it via a direct request to the file in the top-l...
Phlatline Personal Information Manager
3 EDB exploits
7.5
CVSSv2
CVE-2008-4528
Directory traversal vulnerability in notes.php in Phlatline's Personal Information Manager (pPIM) 1.01 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the id parameter in an edit action.
Phlatline Personal Information Manager 1.01
4 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started