Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpwebsite vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6266
SQL injection vulnerability in links.php in Appalachian State University phpWebSite allows remote malicious users to execute arbitrary SQL commands via the cid parameter in a viewlink action.
Appstate Phpwebsite 0.9.3-3
Appstate Phpwebsite 0.9.3-2
Appstate Phpwebsite 0.9.3-4
Appstate Phpwebsite 0.9.3-1
Appstate Phpwebsite 0.9.3
Appstate Phpwebsite 0.8.3
Appstate Phpwebsite 0.8.2
Appstate Phpwebsite 0.7.3
1 EDB exploit
NA
CVE-2003-0736
Multiple cross-site scripting (XSS) vulnerabilities in phpWebSite 0.9.x and previous versions allow remote malicious users to execute arbitrary web script via (1) the day parameter in the calendar module, (2) the fatcat_id parameter in the fatcat module, (3) the PAGE_id parameter...
Phpwebsite Phpwebsite
4 EDB exploits
NA
CVE-2003-0738
The calendar module in phpWebSite 0.9.x and previous versions allows remote malicious users to cause a denial of service (crash) via a long year parameter.
Phpwebsite Phpwebsite
NA
CVE-2003-0737
The calendar module in phpWebSite 0.9.x and previous versions allows remote malicious users to obtain the full pathname of phpWebSite via an invalid year, which generates an error from localtime() in TimeZone.php of the Pear library.
Phpwebsite Phpwebsite
NA
CVE-2003-0735
SQL injection vulnerability in the Calendar module of phpWebSite 0.9.x and previous versions allows remote malicious users to execute arbitrary SQL queries, as demonstrated using the year parameter.
Phpwebsite Phpwebsite
1 EDB exploit
NA
CVE-2006-1819
Directory traversal vulnerability in the loadConfig function in index.php in phpWebSite 0.10.2 and previous versions allows remote malicious users to include arbitrary local files and execute arbitrary PHP code via the hub_dir parameter, as demonstrated by including access_log. N...
Phpwebsite Phpwebsite
NA
CVE-2006-5234
Multiple PHP remote file inclusion vulnerabilities in phpWebSite 0.10.2 allow remote malicious users to execute arbitrary PHP code via a URL in the PHPWS_SOURCE_DIR parameter in (1) init.php, (2) users.php, (3) Cookie.php, (4) forms.php, (5) Groups.php, (6) ModSetting.php, (7) Ca...
Phpwebsite Phpwebsite 0.10.2
1 EDB exploit
NA
CVE-2002-2178
Cross-site scripting (XSS) vulnerability in article.php module for phpWebSite 0.8.3 allows remote malicious users to execute arbitrary Javascript script via the sid parameter, as demonstrated using an IMG tag.
Phpwebsite Phpwebsite 0.8.3
2 EDB exploits
NA
CVE-2002-1807
Cross-site scripting (XSS) vulnerability in phpWebSite 0.8.3 allows remote malicious users to inject arbitrary web script or HTML via Javascript in an IMG tag.
Phpwebsite Phpwebsite 0.8.3
NA
CVE-2008-0092
Cross-site scripting (XSS) vulnerability in index.php in the search module in Appalachian State University phpWebSite 1.4.0 allows remote malicious users to inject arbitrary web script or HTML via the search parameter.
Phpwebsite Phpwebsite 1.4.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »