Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php-update php-update vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2006-6878
admin/uploads.php in PHP-Update 2.7 and previous versions allows remote malicious users to gain privileges by setting the rights[7] parameter to 1 during a login action.
Php-update Php-update
1 EDB exploit
610
VMScore
CVE-2006-6879
Unrestricted file upload vulnerability in admin/uploads.php in PHP-Update 2.7 and previous versions allows remote authenticated users to upload arbitrary PHP scripts to the gfx/ and files/ directories via the userfile parameter.
Php-update Php-update
2 EDB exploits
755
VMScore
CVE-2006-6880
Multiple SQL injection vulnerabilities in code/guestadd.php in PHP-Update 2.7 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) newmessage, (2) newname, (3) newwebsite, or (4) newemail parameter.
Php-update Php-update
1 EDB exploit
755
VMScore
CVE-2006-6661
Variable overwrite vulnerability in blog.php in PHP-Update 2.7 and previous versions allows remote malicious users to overwrite arbitrary program variables and execute arbitrary PHP code via multiple vectors that use the extract function, as demonstrated by the (1) f, (2) newmess...
Php-update Php-update
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started