Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zoneo-soft phptraffica vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-3647
The isloggedin function in Php/login.inc.php in phpTrafficA 1.4.3 and previous versions allows remote malicious users to bypass authentication and obtain administrative access by setting the username cookie to "traffic." NOTE: some of these details are obtained from thi...
Zoneo-soft Phptraffica 1.4.3
Zoneo-soft Phptraffica 1.4
Zoneo-soft Phptraffica 1.4.2
NA
CVE-2007-3426
Cross-site scripting (XSS) vulnerability in index.php in phpTrafficA 1.4.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the lang parameter.
Zoneo-soft Phptraffica
1 EDB exploit
NA
CVE-2007-3427
SQL injection vulnerability in index.php in phpTrafficA 1.4.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the pageid parameter in a stats action.
Zoneo-soft Phptraffica
1 EDB exploit
NA
CVE-2014-8340
SQL injection vulnerability in Php/Functions/log_function.php in phpTrafficA 2.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via a User-Agent HTTP header.
Zoneo-soft Phptraffica
NA
CVE-2015-2926
Cross-site scripting (XSS) vulnerability in Php/stats/statsRecent.inc.php in phpTrafficA 2.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the HTTP User-Agent header to index.php.
Zoneo-soft Phptraffica
NA
CVE-2006-7209
Multiple cross-site scripting (XSS) vulnerabilities in phpTrafficA prior to 1.2beta2 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to keywords results in the (1) main, (2) daily, (3) weekly, (4) monthly, (5) new trends, (6) in...
Zoneo-soft Phptraffica
NA
CVE-2007-3425
Directory traversal vulnerability in index.php in phpTrafficA 1.4.2 and previous versions allows remote malicious users to include arbitrary local files via the lang parameter, a different vector and version than CVE-2007-1076.2.
Zoneo-soft Phptraffica
1 EDB exploit
NA
CVE-2007-3428
Multiple unspecified vulnerabilities in phpTrafficA prior to 1.4.2 allow remote malicious users to have an unknown impact via the file parameter to (1) plotStatBar.php or (2) plotStatPie.php, different vectors than CVE-2007-1076.
Zoneo-soft Phptraffica
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started