Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpizabi phpizabi 0.848b vulnerabilities and exploits
(subscribe to this query)
935
VMScore
CVE-2008-3239
Unrestricted file upload vulnerability in the writeLogEntry function in system/v_cron_proc.php in PHPizabi 0.848b C1 HFP1, when register_globals is enabled, allows remote malicious users to upload and execute arbitrary code via a filename in the CONF[CRON_LOGFILE] parameter and f...
Phpizabi Phpizabi 0.848b
1 EDB exploit
635
VMScore
CVE-2008-3723
Directory traversal vulnerability in index.php in PHPizabi 0.848b C1 HFP3 allows remote authenticated administrators to read arbitrary files via (1) a .. (dot dot), (2) a URL, or possibly (3) a full pathname in the id parameter in an admin.templates.edittemplate action. NOTE: som...
Phpizabi Phpizabi 0.848b
1 EDB exploit
383
VMScore
CVE-2008-3735
Cross-site scripting (XSS) vulnerability in index.php in PHPizabi prior to 848 Core HotFix Pack 3 allows remote malicious users to inject arbitrary web script or HTML via the query parameter in a blogs.search action.
Phpizabi Phpizabi 0.848b
405
VMScore
CVE-2008-2018
The AssignUser function in template.class.php in PHPizabi 0.848b C1 HFP3 performs unsafe macro expansions on strings delimited by '{' and '}' characters, which allows remote authenticated users to obtain sensitive information via a comment containing a macro, ...
Phpizabi Phpizabi 0.848b
1 EDB exploit
935
VMScore
CVE-2008-0805
Unrestricted file upload vulnerability in image.php in PHPizabi 0.848b C1 HFP1 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension from the event page, then accessing it via a direct request to the file in system/cache/pictures...
Reality Medias Phpizabi 0.848b
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started