Lucene search

Exophpdesk Security Vulnerabilities

cve

CVE-2011-3736

ExoPHPDesk 1.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by upgrades/upgrade9.php and certain other...

6.4AI Score

0.003EPSS

2011-09-23 11:55 PM

cve

CVE-2008-6917

SQL injection vulnerability in admin.php in Exocrew ExoPHPDesk 1.2 Final allows remote attackers to execute arbitrary SQL commands via the username (user...

9.3AI Score

0.001EPSS

2009-08-07 07:00 PM

cve

CVE-2007-5991

SQL injection vulnerability in index.php in ExoPHPdesk allows remote attackers to execute arbitrary SQL commands via the user parameter in a profile fn...

9.3AI Score

0.002EPSS

2007-11-15 10:46 PM

cve

CVE-2007-5990

Cross-site scripting (XSS) vulnerability in ExoPHPdesk allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in a user profile, possibly the (1) name and (2) website parameters to...

6.3AI Score

0.003EPSS

2007-11-15 10:46 PM

cve

CVE-2007-0676

SQL injection vulnerability in faq.php in ExoPHPDesk 1.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id...

8.6AI Score

0.085EPSS

2007-02-03 01:28 AM

cve

CVE-2006-5951

PHP remote file inclusion vulnerability in pipe.php in Exophpdesk 1.2 allows remote attackers to execute arbitrary PHP code via a URL in the lang_file...

8.3AI Score

0.057EPSS

2006-11-17 12:07 AM