Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpgedview phpgedview 2.65 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2004-0127
Directory traversal vulnerability in editconfig_gedcom.php for phpGedView 2.65.1 and previous versions allows remote malicious users to read arbitrary files or execute arbitrary PHP programs on the server via .. (dot dot) sequences in the gedcom_config parameter.
Phpgedview Phpgedview 2.65
Phpgedview Phpgedview 2.65.1
Phpgedview Phpgedview 2.61
Phpgedview Phpgedview 2.61.1
Phpgedview Phpgedview 2.52.3
Phpgedview Phpgedview 2.60
7.5
CVSSv2
CVE-2004-0128
PHP remote file inclusion vulnerability in the GEDCOM configuration script for phpGedView 2.65.1 and previous versions allows remote malicious users to execute arbitrary PHP code by modifying the PGV_BASE_DIRECTORY parameter to reference a URL on a remote web server that contains...
Phpgedview Phpgedview 2.65.1
Phpgedview Phpgedview 2.61.1
Phpgedview Phpgedview 2.65
Phpgedview Phpgedview 2.60
Phpgedview Phpgedview 2.61
Phpgedview Phpgedview 2.52.3
1 EDB exploit
7.5
CVSSv2
CVE-2005-4469
Multiple direct static code injection vulnerabilities in PHPGedView 3.3.7 and previous versions allow remote malicious users to execute arbitrary PHP code via (1) the username field in login.php, or the (2) user_language, (3) user_email, and (4) user_gedcomid parameters in login_...
Phpgedview Phpgedview 2.61
Phpgedview Phpgedview 2.61.1
Phpgedview Phpgedview 2.65.2
Phpgedview Phpgedview 2.65 Beta5
Phpgedview Phpgedview 2.65
Phpgedview Phpgedview 2.65.1
Phpgedview Phpgedview 2.52.3
Phpgedview Phpgedview 2.60
Phpgedview Phpgedview
5
CVSSv2
CVE-2005-4467
Directory traversal vulnerability in help_text_vars.php in PHPGedView 3.3.7 and previous versions allows remote malicious users to read and include arbitrary files via a .. (dot dot) in the PGV_BASE_DIRECTORY parameter.
Phpgedview Phpgedview 2.61.1
Phpgedview Phpgedview 2.65
Phpgedview Phpgedview 2.65.1
Phpgedview Phpgedview 2.65.2
Phpgedview Phpgedview 2.60
Phpgedview Phpgedview 2.61
Phpgedview Phpgedview 2.52.3
Phpgedview Phpgedview 2.65 Beta5
Phpgedview Phpgedview 3.3.7
1 EDB exploit
10
CVSSv2
CVE-2008-2064
Multiple unspecified vulnerabilities in PhpGedView prior to 4.1.5 have unknown impact and attack vectors related to "a fundamental design flaw in the interface (API) to connect phpGedView with external programs like content management systems."
Phpgedview Phpgedview 0.6
Phpgedview Phpgedview 2.12
Phpgedview Phpgedview 2.13
Phpgedview Phpgedview 2.50
Phpgedview Phpgedview 4.1.1
Phpgedview Phpgedview 4.1.3
Phpgedview Phpgedview 1.1
Phpgedview Phpgedview 2.0
Phpgedview Phpgedview 3.3.8
Phpgedview Phpgedview 4.0
Phpgedview Phpgedview 0.8
Phpgedview Phpgedview 0.95
Phpgedview Phpgedview 2.60
Phpgedview Phpgedview 2.65
Phpgedview Phpgedview
Phpgedview Phpgedview 1.0
Phpgedview Phpgedview 1.04
Phpgedview Phpgedview 3.0
Phpgedview Phpgedview 3.2
7.5
CVSSv2
CVE-2004-0065
Multiple SQL injection vulnerabilities in phpGedView prior to 2.65 allow remote malicious users to execute arbitrary SQL via (1) timeline.php and (2) placelist.php.
Phpgedview Phpgedview
5
CVSSv2
CVE-2004-0066
phpGedView prior to 2.65 allows remote malicious users to obtain the absolute path of the web server via malformed parameters to (1) indilist.php, (2) famlist.php, (3) placelist.php, (4) imageview.php, (5) timeline.php, (6) clippings.php, (7) login.php, and (8) gdbi.php.
Phpgedview Phpgedview
5
CVSSv2
CVE-2004-0130
login.php in phpGedView 2.65 and previous versions allows remote malicious users to obtain sensitive information via an HTTP request to login.php that does not contain the required username or password parameters, which causes the information to be leaked in an error message.
Phpgedview Phpgedview
4.3
CVSSv2
CVE-2004-0067
Multiple cross-site scripting (XSS) vulnerabilities in phpGedView prior to 2.65 allow remote malicious users to inject arbitrary HTML or web script via (1) descendancy.php, (2) index.php, (3) individual.php, (4) login.php, (5) relationship.php, (6) source.php, (7) imageview.php, ...
Phpgedview Phpgedview
14 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started