phpizabi phpizabi 0.848b vulnerabilities and exploits

(subscribe to this query)

NA

Directory traversal vulnerability in index.php in PHPizabi 0.848b C1 HFP3 allows remote authenticated administrators to read arbitrary files via (1) a .. (dot dot), (2) a URL, or possibly (3) a full pathname in the id parameter in an admin.templates.edittemplate action. NOTE: som...

Phpizabi Phpizabi 0.848b

1 EDB exploit

NA

Cross-site scripting (XSS) vulnerability in index.php in PHPizabi prior to 848 Core HotFix Pack 3 allows remote malicious users to inject arbitrary web script or HTML via the query parameter in a blogs.search action.

Phpizabi Phpizabi 0.848b

NA

Unrestricted file upload vulnerability in the writeLogEntry function in system/v_cron_proc.php in PHPizabi 0.848b C1 HFP1, when register_globals is enabled, allows remote malicious users to upload and execute arbitrary code via a filename in the CONF[CRON_LOGFILE] parameter and f...

Phpizabi Phpizabi 0.848b

1 EDB exploit

NA

The AssignUser function in template.class.php in PHPizabi 0.848b C1 HFP3 performs unsafe macro expansions on strings delimited by '{' and '}' characters, which allows remote authenticated users to obtain sensitive information via a comment containing a macro, ...

Phpizabi Phpizabi 0.848b

1 EDB exploit

NA

Unrestricted file upload vulnerability in image.php in PHPizabi 0.848b C1 HFP1 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension from the event page, then accessing it via a direct request to the file in system/cache/pictures...

Reality Medias Phpizabi 0.848b

1 EDB exploit

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook