Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 1.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-3385
Directory traversal vulnerability in include/head_chat.inc.php in php Help Agent 1.0 and 1.1 Full allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the content parameter. NOTE: in some environments, this can be leveraged for remote f...
Linuxwebshop Php Help Agent 1.0
Linuxwebshop Php Help Agent 1.1
1 EDB exploit
5.3
CVSSv3
CVE-2018-16549
HScripts PHP File Browser Script v1.0 allows Directory Traversal via the index.php path parameter.
Php File Browser Script Project Php File Browser Script 1.0
NA
CVE-2002-2249
PHP remote file inclusion vulnerability in News Evolution 2.0 allows remote malicious users to execute arbitrary PHP commands via the neurl parameter to (1) backend.php, (2) screen.php, or (3) admin/modules/comment.php.
Php Evolution News Evolution 1.0
Php Evolution News Evolution 2.0
1 EDB exploit
NA
CVE-2000-0745
admin.php3 in PHP-Nuke does not properly verify the PHP-Nuke administrator password, which allows remote malicious users to gain privileges by requesting a URL that does not specify the aid or pwd parameter.
Francisco Burzi Php-nuke 2.5
Francisco Burzi Php-nuke 1.0
1 EDB exploit
NA
CVE-2008-7027
Libra File Manager 1.18 and previous versions allows remote malicious users to bypass authentication and gain privileges by setting the user and pass cookies to 1.
Libra File Manager Php Filemanager
Libra File Manager Php Filemanager 1.03
Libra File Manager Php Filemanager 1.08
Libra File Manager Php Filemanager 1.05
Libra File Manager Php Filemanager 1.17
Libra File Manager Php Filemanager 1.0
1 EDB exploit
NA
CVE-2002-0206
index.php in Francisco Burzi PHP-Nuke 5.3.1 and previous versions, and possibly other versions prior to 5.5, allows remote malicious users to execute arbitrary PHP code by specifying a URL to the malicious code in the file parameter.
Francisco Burzi Php-nuke 1.0
Francisco Burzi Php-nuke 5.0.1
Francisco Burzi Php-nuke 5.1
Francisco Burzi Php-nuke 4.3
Francisco Burzi Php-nuke 4.4
Francisco Burzi Php-nuke 5.3.1
Francisco Burzi Php-nuke 4.4.1a
Francisco Burzi Php-nuke 5.0
Francisco Burzi Php-nuke 2.5
Francisco Burzi Php-nuke 3.0
Francisco Burzi Php-nuke 4.0
Francisco Burzi Php-nuke 5.2
Francisco Burzi Php-nuke 5.2a
1 EDB exploit
NA
CVE-2002-2032
sql_layer.php in PHP-Nuke 5.4 and previous versions does not restrict access to debugging features, which allows remote malicious users to gain SQL query information by setting the sql_debug parameter to (1) index.php and (2) modules.php.
Francisco Burzi Php-nuke 4.0
Francisco Burzi Php-nuke 5.3.1
Francisco Burzi Php-nuke 5.1
Francisco Burzi Php-nuke 4.3
Francisco Burzi Php-nuke 1.0
Francisco Burzi Php-nuke 4.4
Francisco Burzi Php-nuke 2.5
Francisco Burzi Php-nuke 3.0
Francisco Burzi Php-nuke 5.0
Francisco Burzi Php-nuke 5.4
Francisco Burzi Php-nuke 5.2a
Francisco Burzi Php-nuke 5.0.1
Francisco Burzi Php-nuke 5.2
Francisco Burzi Php-nuke 4.4.1a
1 EDB exploit
NA
CVE-2001-1524
Cross-site scripting (XSS) vulnerability in PHP-Nuke 5.3.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the (1) uname parameter in user.php, (2) ttitle, letter and file parameters in modules.php, (3) subject, story and storyext pa...
Francisco Burzi Php-nuke 3.0
Francisco Burzi Php-nuke 5.0
Francisco Burzi Php-nuke 5.1
Francisco Burzi Php-nuke 5.2a
Francisco Burzi Php-nuke 5.3.1
Francisco Burzi Php-nuke 4.0
Francisco Burzi Php-nuke 4.3
Francisco Burzi Php-nuke 4.4
Francisco Burzi Php-nuke 4.4.1a
Francisco Burzi Php-nuke 5.0.1
Francisco Burzi Php-nuke 5.2
2 EDB exploits
NA
CVE-2012-5098
Multiple SQL injection vulnerabilities in Php-X-Links, possibly 1.0, allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to rate.php, (2) cid parameter to view.php, or (3) t parameter to pop.php.
J Waite Php-x-links 1.0
J Waite Php-x-links 0.1
1 EDB exploit
NA
CVE-2008-2565
Multiple SQL injection vulnerabilities in PHP Address Book 3.1.5 and previous versions allow remote malicious users to execute arbitrary SQL commands via the id parameter to (1) view.php and (2) edit.php. NOTE: it was later reported that 4.0.x is also affected.
Php-address Book Php-address Book 3.1.2
Php-address Book Php-address Book 3.1.1
Php-address Book Php-address Book 2.1.1
Php-address Book Php-address Book 2.1
Php-address Book Php-address Book 2.0
Php-address Book Php-address Book 3.4.4
Php-address Book Php-address Book 3.4.3
Php-address Book Php-address Book
Php-address Book Php-address Book 3.1.5
Php-address Book Php-address Book 2.6
Php-address Book Php-address Book 2.4
Php-address Book Php-address Book 3.4.8
Php-address Book Php-address Book 3.4.7
Php-address Book Php-address Book 3.4
Php-address Book Php-address Book 3.3.18
Php-address Book Php-address Book 3.1
Php-address Book Php-address Book 3.0
Php-address Book Php-address Book 1.2
Php-address Book Php-address Book 1.0
Php-address Book Php-address Book 3.4.2
Php-address Book Php-address Book 3.4.1
Php-address Book Php-address Book 3.1.4
3 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »