phpadsnew phpadsnew vulnerabilities and exploits

(subscribe to this query)

Multiple SQL injection vulnerabilities in lib-sessions.inc.php in phpAdsNew and phpPgAds 2.0.6 and possibly earlier versions allow remote malicious users to execute arbitrary SQL commands via the sessionID parameter in (1) logout.php and (2) index.php.

Phpadsnew Phpadsnew 2 Dev 2001-09-30 Phpadsnew Phpadsnew 2.0.6 Phpadsnew Phpadsnew 2.0.7 Rc1 Phpadsnew Phpadsnew 2.0.5 Phpadsnew Phpadsnew 2.0.4 Pr1 Phpadsnew Phpadsnew 2.0 Beta5 Phppgads Phppgads 2.0.6 Phpadsnew Phpadsnew 2.0 Beta6 Phpadsnew Phpadsnew 2 Dev 2001-10-09

phpAdsNew and phpPgAds 2.0.6 and possibly earlier versions allows remote malicious users to obtain the application installation path and other sensitive information via direct requests to (1) create.php, and if display_errors is enabled, (2) lib-updates.inc.php, (3) lib-targetsta...

Phpadsnew Phpadsnew 2 Dev 2001-09-30 Phpadsnew Phpadsnew 2.0.6 Phpadsnew Phpadsnew 2.0.5 Phpadsnew Phpadsnew 2.0.4 Pr1 Phpadsnew Phpadsnew 2.0 Beta5 Phppgads Phppgads 2.0.6 Phpadsnew Phpadsnew 2.0 Beta6 Phpadsnew Phpadsnew 2 Dev 2001-10-09

Multiple cross-site scripting (XSS) vulnerabilities in (a) phpAdsNew and (b) phpPgAds prior to 2.0.8 allow remote malicious users to inject arbitrary web script or HTML via the (1) certain parameters to the banner delivery module, which is not properly handled in the administrato...

Phppgads Phppgads 2.0.4 Pr2 Phpadsnew Phpadsnew 2.0.2 Phpadsnew Phpadsnew 2.0 Phppgads Phppgads 2.0.4 Phpadsnew Phpadsnew 2.0.4 Phpadsnew Phpadsnew 2.0.5 Phppgads Phppgads 2.0.7 Phpadsnew Phpadsnew 2.0.3 Phppgads Phppgads 2.0.5 Phpadsnew Phpadsnew 2.0.7 Phpadsnew Phpadsnew 2 Dev 2001-10-09

Directory traversal vulnerability in upgrade.php in phpAdsNew 2.0.8 allows remote malicious users to read arbitrary files via a .. (dot dot) in the phpAds_config[language] parameter. NOTE: this issue could not be reproduced by a third party

Phpadsnew Phpadsnew 2.0.8

Multiple PHP remote file inclusion vulnerabilities in Openads (aka phpAdsNew) 2.0.7 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) phpAds_geoPlugin parameter to libraries/lib-remotehost.inc, the (2) filename parameter to admin/report-index, or the...

Phpadsnew Phpadsnew 2.0.7

Cross-site scripting (XSS) vulnerability in lib-history.inc.php in phpAdsNew and phpPgAds prior to 2.0.8-pr1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, related to injected data that is stored by a delivery script and displayed by...

Phpadsnew Phpadsnew Phppgads Phppgads

phpAdsNew 2.0.4 allows remote malicious users to obtain sensitive information via a direct request to (1) lib-xmlrpcs.inc.php, (2) maintenance-activation.php, (3) maintenance-cleantables.php, (4) maintenance-autotargeting.php, (5) maintenance-reports.php, (6) phpads.php, (7) remo...

Phpadsnew Phpadsnew 2.0.4 Pr1

HTTP response splitting vulnerability in phpAdsNew and phpPgAds 2.0.6 and previous versions allows remote malicious users to inject arbitrary HTML headers via adclick.php and possibly other unspecified vectors.

Phppgads Phppgads Phpadsnew Phpadsnew

PHPAdsNew PHP script allows remote malicious users to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

Phpadsnew Phpadsnew 2.0 Beta5

Multiple directory traversal vulnerabilities in phpAdsNew and phpPgAds prior to 2.0.6 allow remote malicious users to include arbitrary files via a .. (dot dot) in the (1) layerstyle parameter to adlayer.php or (2) language parameter to js-form.php.

Phppgads Phppgads Phpadsnew Phpadsnew

1 2 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook