Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpwebsite vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6266
SQL injection vulnerability in links.php in Appalachian State University phpWebSite allows remote malicious users to execute arbitrary SQL commands via the cid parameter in a viewlink action.
Appstate Phpwebsite 0.9.3-3
Appstate Phpwebsite 0.9.3-2
Appstate Phpwebsite 0.9.3-4
Appstate Phpwebsite 0.9.3-1
Appstate Phpwebsite 0.9.3
Appstate Phpwebsite 0.8.3
Appstate Phpwebsite 0.8.2
Appstate Phpwebsite 0.7.3
1 EDB exploit
NA
CVE-2006-1819
Directory traversal vulnerability in the loadConfig function in index.php in phpWebSite 0.10.2 and previous versions allows remote malicious users to include arbitrary local files and execute arbitrary PHP code via the hub_dir parameter, as demonstrated by including access_log. N...
Phpwebsite Phpwebsite
NA
CVE-2003-0735
SQL injection vulnerability in the Calendar module of phpWebSite 0.9.x and previous versions allows remote malicious users to execute arbitrary SQL queries, as demonstrated using the year parameter.
Phpwebsite Phpwebsite
1 EDB exploit
NA
CVE-2003-0736
Multiple cross-site scripting (XSS) vulnerabilities in phpWebSite 0.9.x and previous versions allow remote malicious users to execute arbitrary web script via (1) the day parameter in the calendar module, (2) the fatcat_id parameter in the fatcat module, (3) the PAGE_id parameter...
Phpwebsite Phpwebsite
4 EDB exploits
NA
CVE-2003-0737
The calendar module in phpWebSite 0.9.x and previous versions allows remote malicious users to obtain the full pathname of phpWebSite via an invalid year, which generates an error from localtime() in TimeZone.php of the Pear library.
Phpwebsite Phpwebsite
NA
CVE-2003-0738
The calendar module in phpWebSite 0.9.x and previous versions allows remote malicious users to cause a denial of service (crash) via a long year parameter.
Phpwebsite Phpwebsite
NA
CVE-2002-1135
modsecurity.php 1.10 and previous versions, in phpWebSite 0.8.2 and previous versions, allows remote malicious users to execute arbitrary PHP source code via an inc_prefix parameter that points to the malicious code.
Phpwebsite Phpwebsite 0.8.2
1 EDB exploit
NA
CVE-2006-5234
Multiple PHP remote file inclusion vulnerabilities in phpWebSite 0.10.2 allow remote malicious users to execute arbitrary PHP code via a URL in the PHPWS_SOURCE_DIR parameter in (1) init.php, (2) users.php, (3) Cookie.php, (4) forms.php, (5) Groups.php, (6) ModSetting.php, (7) Ca...
Phpwebsite Phpwebsite 0.10.2
1 EDB exploit
NA
CVE-2002-2178
Cross-site scripting (XSS) vulnerability in article.php module for phpWebSite 0.8.3 allows remote malicious users to execute arbitrary Javascript script via the sid parameter, as demonstrated using an IMG tag.
Phpwebsite Phpwebsite 0.8.3
2 EDB exploits
NA
CVE-2008-0092
Cross-site scripting (XSS) vulnerability in index.php in the search module in Appalachian State University phpWebSite 1.4.0 allows remote malicious users to inject arbitrary web script or HTML via the search parameter.
Phpwebsite Phpwebsite 1.4.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »