Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpmywind vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-16703
admin/infolist_add.php in PHPMyWind 5.6 has stored XSS.
Phpmywind Phpmywind 5.6
4.8
CVSSv3
CVE-2019-16704
admin/infoclass_update.php in PHPMyWind 5.6 has stored XSS.
Phpmywind Phpmywind 5.6
7.2
CVSSv3
CVE-2021-39503
PHPMyWind 5.6 is vulnerable to Remote Code Execution. Becase input is filtered without "<, >, ?, =, `,...." In WriteConfig() function, an attacker can inject php code to /include/config.cache.php file.
Phpmywind Phpmywind 5.6
5.4
CVSSv3
CVE-2018-17130
PHPMyWind 5.5 has XSS in member.php via an HTTP Referer header,
Phpmywind Phpmywind 5.5
7.2
CVSSv3
CVE-2018-17131
admin/web_config.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the varvalue field.
Phpmywind Phpmywind 5.5
7.2
CVSSv3
CVE-2018-17132
admin/goods_update.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the attrvalue[] array parameter.
Phpmywind Phpmywind 5.5
7.2
CVSSv3
CVE-2018-17133
admin/web_config.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the rewrite url setting.
Phpmywind Phpmywind 5.5
7.2
CVSSv3
CVE-2018-17134
admin/web_config.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the cfg_author field in conjunction with a crafted cfg_webpath field.
Phpmywind Phpmywind 5.5
6.5
CVSSv3
CVE-2020-19964
A Cross Site Request Forgery (CSRF) vulnerability exists in PHPMyWind 5.6 which allows malicious users to create a new administrator account without authentication.
Phpmywind Phpmywind 5.6
6.1
CVSSv3
CVE-2018-11487
PHPMyWind 5.5 has XSS via the cid parameter to newsshow.php, or the query string to news.php or about.php.
Phpmywind Phpmywind 5.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »