Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpwind phpwind vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-7101
SQL injection vulnerability in admin.php in PHPWind 5.0.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the AdminUser cookie.
Phpwind Phpwind
1 EDB exploit
6.1
CVSSv3
CVE-2019-13472
PHPWind 9.1.0 has XSS vulnerabilities in the c and m parameters of the index.php file.
Phpwind Phpwind 9.1.0
NA
CVE-2015-4135
Cross-site scripting (XSS) vulnerability in goto.php in phpwind 8.7 allows remote malicious users to inject arbitrary web script or HTML via the url parameter.
Phpwind Phpwind 8.7
NA
CVE-2015-4134
Open redirect vulnerability in goto.php in phpwind 8.7 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.
Phpwind Phpwind 8.7
7.2
CVSSv3
CVE-2019-6691
phpwind 9.0.2.170426 UTF8 allows SQL Injection via the admin.php?m=backup&c=backup&a=doback tabledb[] parameter, related to the "--backup database" option.
Phpwind Phpwind 9.0.2.170426
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started