Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpprofiles phpprofiles vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-6740
Multiple PHP remote file inclusion vulnerabilities in phpProfiles 3.1.2b and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the menu parameter to (1) include/body.inc.php or (2) include/body_admin.inc.php; or a URL in the incpath paramet...
Phpprofiles Phpprofiles 2.1
Phpprofiles Phpprofiles
1 EDB exploit
NA
CVE-2006-5634
Multiple PHP remote file inclusion vulnerabilities in phpProfiles 2.1 Beta allow remote malicious users to execute arbitrary PHP code via a URL in the (1) reqpath parameter to (a) body.inc.php and (b) body_blog.inc.php in users/include/; or the (2) usrinc parameter in users/inclu...
Phpprofiles Phpprofiles
1 EDB exploit
NA
CVE-2006-6743
phpProfiles prior to 2.1.1 uses world writable permissions for certain profile files and directories, which allows local users to modify or delete files, related to (1) users/include/do_makeprofile.inc.php and (2) users/include/copy.inc.php.
Phpprofiles Phpprofiles 2.1.0
NA
CVE-2006-6744
phpProfiles prior to 2.1.1 does not have an index.php or other index file in the (1) image_data, (2) graphics/comm, or (3) users read/write directories, which might allow remote malicious users to list directory contents or have other unknown impacts.
Phpprofiles Phpprofiles 2.1.0
NA
CVE-2008-1051
PHP remote file inclusion vulnerability in include/body_comm.inc.php in phpProfiles 4.5.2 BETA allows remote malicious users to execute arbitrary PHP code via a URL in the content parameter.
Phpprofiles Phpprofiles 4.5.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started