Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pwsphp pwsphp vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-0942
SQL injection vulnerability in profil.php in PwsPHP 1.2.3, and possibly earlier versions, allows remote malicious users to execute arbitrary SQL commands via the aff_news_form parameter, a different vulnerability than CVE-2005-1509.
Pwsphp Pwsphp
1 EDB exploit
NA
CVE-2005-1509
SQL injection vulnerability in profil.php in PwsPHP 1.2.2 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Pwsphp Pwsphp 1.2.2
NA
CVE-2005-1508
Multiple cross-site scripting (XSS) vulnerabilities in PwsPHP 1.2.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) month or (2) annee parameters to the news module, (3) nbractif or (4) annee parameters to the stats module, (5) id parameter to prof...
Pwsphp Pwsphp 1.2.2
NA
CVE-2005-1510
PwsPHP 1.2.2 allows remote malicious users to obtain sensitive information via a direct request to the admin directory, which reveals the path in an error message.
Pwsphp Pwsphp 1.2.2
NA
CVE-2005-1511
PwsPHP 1.2.2 allows remote malicious users to bypass authentication and post arbitrary comments via the Pseudo cookie.
Pwsphp Pwsphp 1.2.2
NA
CVE-2005-1512
The Admin panel in PwsPHP 1.2.2 does not properly verify uploaded picture files, which allows remote malicious users to upload and possibly execute arbitrary files.
Pwsphp Pwsphp 1.2.2
NA
CVE-2006-0943
SQL injection vulnerability in the sondages module in index.php in PwsPHP 1.2.3 allows remote malicious users to execute arbitrary SQL commands via the id parameter to index.php.
Pwsphp Pwsphp 1.2.3
1 EDB exploit
NA
CVE-2006-0668
SQL injection vulnerability in index.php in PwsPHP 1.2.3 allows remote malicious users to execute arbitrary SQL commands via the id parameter, possibly in message.php in the espace_membre module. NOTE: the provenance of this information is unknown; the details are obtained solely...
Pwsphp Pwsphp 1.2.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started