Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpgedview phpgedview vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-3778
PhpGedView 4.2.3 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by serviceClientTest.php and certain other files.
Phpgedview Phpgedview 4.2.3
NA
CVE-2004-0032
Cross-site scripting (XSS) vulnerability in search.php in PHPGEDVIEW 2.61 allows remote malicious users to inject arbitrary HTML and web script via the firstname parameter.
Phpgedview Phpgedview 2.61
1 EDB exploit
9.8
CVSSv3
CVE-2004-0030
PHP remote file inclusion vulnerability in (1) functions.php, (2) authentication_index.php, and (3) config_gedcom.php for PHPGEDVIEW 2.61 allows remote malicious users to execute arbitrary PHP code by modifying the PGV_BASE_DIRECTORY parameter to reference a URL on a remote web s...
Phpgedview Phpgedview 2.61
1 EDB exploit
NA
CVE-2004-0031
PHPGEDVIEW 2.61 allows remote malicious users to reinstall the software and change the administrator password via a direct HTTP request to editconfig.php.
Phpgedview Phpgedview 2.61
NA
CVE-2007-5051
Multiple cross-site scripting (XSS) vulnerabilities in PhpGedView 4.1.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) box_width, (2) PEDIGREE_GENERATIONS, and (3) rootid parameters in ancestry.php, and the (4) newpid parameter in timeline.php. NO...
Phpgedview Phpgedview 4.1.1
NA
CVE-2011-0405
Directory traversal vulnerability in module.php in PhpGedView 4.2.3 and possibly other versions, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via directory traversal sequences in the pgvaction parameter.
Phpgedview Phpgedview 4.2.3
1 EDB exploit
NA
CVE-2005-4468
PHP remote file include vulnerability in help_text_vars.php in PHPGedView 3.3.7 and previous versions allows remote malicious users to execute arbitrary code via a URL in the PGV_BASE_DIRECTORY parameter.
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2