Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpcoin vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0947
Directory traversal vulnerability in auxpage.php in phpCoin 1.2.1b and previous versions allows remote malicious users to read and execute arbitrary files via a .. (dot dot) in the page parameter.
Coinsoft Technologies Phpcoin 1.2
Coinsoft Technologies Phpcoin 1.2.1
Coinsoft Technologies Phpcoin 1.2.1b
NA
CVE-2006-4425
Multiple PHP remote file inclusion vulnerabilities in phpCOIN 1.2.3 allow remote malicious users to execute arbitrary PHP code via the _CCFG[_PKG_PATH_INCL] parameter in coin_includes scripts including (1) api.php, (2) common.php, (3) core.php, (4) custom.php, (5) db.php, (6) red...
Coinsoft Technologies Phpcoin 1.2.3
1 EDB exploit
NA
CVE-2006-4424
PHP remote file inclusion vulnerability in coin_includes/constants.php in phpCOIN 1.2.3 allows remote malicious users to execute arbitrary PHP code via the _CCFG[_PKG_PATH_INCL] parameter.
Coinsoft Technologies Phpcoin 1.2.3
1 EDB exploit
NA
CVE-2005-4212
Directory traversal vulnerability in coin_includes/db.php in phpCOIN 1.2.2 allows remote malicious users to read arbitrary local files via ".." (dot dot) sequences in the $_CCFG[_PKG_PATH_DBSE] variable.
Coinsoft Technologies Phpcoin 1.2.2
1 EDB exploit
NA
CVE-2005-4213
SQL injection vulnerability in mod.php in phpCOIN 1.2.2 allows remote malicious users to execute arbitrary SQL commands via the phpcoinsessid cookie.
Coinsoft Technologies Phpcoin 1.2.2
1 EDB exploit
NA
CVE-2005-4214
phpCOIN 1.2.2 allows remote malicious users to obtain the installation path via a direct request to config.php, which leaks the path in an error message because the _CCFG['_PKG_PATH_DBSE'] variable is not defined.
Coinsoft Technologies Phpcoin 1.2.2
NA
CVE-2005-4211
PHP remote file inclusion vulnerability in coin_includes/db.php in phpCOIN 1.2.2 allows remote malicious users to execute arbitrary PHP code via a URL in the $_CCFG[_PKG_PATH_DBSE] variable.
Coinsoft Technologies Phpcoin 1.2.2
1 EDB exploit
NA
CVE-2005-4447
SQL injection vulnerability in articles\articles_funcs.php in phpCOIN 1.2.2 allows remote malicious users to modify SQL syntax and possibly execute SQL in limited circumstances via the rec_next parameter. NOTE: the original disclosure suggests that command injection is not feasib...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2