php-programs vulnerabilities and exploits

(subscribe to this query)

7.5

CVSSv2

SQL injection vulnerability in board/board.php in APBoard Developers APBoard 2.1.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-3078.

Php-programs Apboard Developers Apboard

1 EDB exploit

7.5

CVSSv2

Unrestricted file upload vulnerability in upload.php for Free Web Publishing System (FreeWPS), possibly 2.11 and previous versions, allows remote malicious users to upload and execute arbitrary PHP programs.

Justin White Freewps

1 EDB exploit

7.5

CVSSv2

Directory traversal vulnerability in editconfig_gedcom.php for phpGedView 2.65.1 and previous versions allows remote malicious users to read arbitrary files or execute arbitrary PHP programs on the server via .. (dot dot) sequences in the gedcom_config parameter.

Phpgedview Phpgedview 2.65 Phpgedview Phpgedview 2.65.1 Phpgedview Phpgedview 2.61 Phpgedview Phpgedview 2.61.1 Phpgedview Phpgedview 2.52.3 Phpgedview Phpgedview 2.60

7.5

CVSSv2

Directory traversal vulnerability in SaveWebPortal 3.4 allows remote malicious users to include arbitrary files and execute arbitrary local PHP programs via ".." sequences in the (1) SITE_Path parameter to menu_dx.php or (2) CONTENTS_Dir parameter to menu_sx.php.

Savewebportal Savewebportal 3.4

4.3

CVSSv2

Apache HTTP Server, when running on Linux with a document root on a Windows share mounted using smbfs, allows remote malicious users to obtain unprocessed content such as source files for .php programs via a trailing "\" (backslash), which is not handled by the intended...

Apache Http Server 2.2.6 Apache Http Server 2.2.6

1 EDB exploit

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook