Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php-update php-update vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-6879
Unrestricted file upload vulnerability in admin/uploads.php in PHP-Update 2.7 and previous versions allows remote authenticated users to upload arbitrary PHP scripts to the gfx/ and files/ directories via the userfile parameter.
Php-update Php-update
2 EDB exploits
NA
CVE-2006-6880
Multiple SQL injection vulnerabilities in code/guestadd.php in PHP-Update 2.7 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) newmessage, (2) newname, (3) newwebsite, or (4) newemail parameter.
Php-update Php-update
1 EDB exploit
NA
CVE-2006-6661
Variable overwrite vulnerability in blog.php in PHP-Update 2.7 and previous versions allows remote malicious users to overwrite arbitrary program variables and execute arbitrary PHP code via multiple vectors that use the extract function, as demonstrated by the (1) f, (2) newmess...
Php-update Php-update
1 EDB exploit
NA
CVE-2006-6878
admin/uploads.php in PHP-Update 2.7 and previous versions allows remote malicious users to gain privileges by setting the rights[7] parameter to 1 during a login action.
Php-update Php-update
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started