Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpgedview phpgedview vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-5051
Multiple cross-site scripting (XSS) vulnerabilities in PhpGedView 4.1.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) box_width, (2) PEDIGREE_GENERATIONS, and (3) rootid parameters in ancestry.php, and the (4) newpid parameter in timeline.php. NO...
Phpgedview Phpgedview 4.1.1
9.8
CVSSv3
CVE-2004-0030
PHP remote file inclusion vulnerability in (1) functions.php, (2) authentication_index.php, and (3) config_gedcom.php for PHPGEDVIEW 2.61 allows remote malicious users to execute arbitrary PHP code by modifying the PGV_BASE_DIRECTORY parameter to reference a URL on a remote web s...
Phpgedview Phpgedview 2.61
1 EDB exploit
NA
CVE-2004-0031
PHPGEDVIEW 2.61 allows remote malicious users to reinstall the software and change the administrator password via a direct HTTP request to editconfig.php.
Phpgedview Phpgedview 2.61
NA
CVE-2004-0033
admin.php in PHPGEDVIEW 2.61 allows remote malicious users to obtain sensitive information via an action parameter with a phpinfo command.
Phpgedview Phpgedview 2.61
1 EDB exploit
NA
CVE-2011-3778
PhpGedView 4.2.3 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by serviceClientTest.php and certain other files.
Phpgedview Phpgedview 4.2.3
NA
CVE-2004-0032
Cross-site scripting (XSS) vulnerability in search.php in PHPGEDVIEW 2.61 allows remote malicious users to inject arbitrary HTML and web script via the firstname parameter.
Phpgedview Phpgedview 2.61
1 EDB exploit
NA
CVE-2005-4468
PHP remote file include vulnerability in help_text_vars.php in PHPGedView 3.3.7 and previous versions allows remote malicious users to execute arbitrary code via a URL in the PGV_BASE_DIRECTORY parameter.
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2