EUVD-2018-8200

Malware in sbrugna...

CVE-2020-19264

A cross-site request forgery CSRF in MipCMS v5.0.1 allows attackers to arbitrarily add users via index.php?s=/user/ApiAdminUser/itemAdd...

CVE-2024-2281 boyiddha Automated-Mess-Management-System Setting index.php access control

A vulnerability was found in boyiddha Automated-Mess-Management-System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php of the component Setting Handler. The manipulation leads to improper access controls. The attack can be initiated...

PT-2023-1999 · Extplorer · Extplorer

Name of the Vulnerable Software and Affected Versions: eXtplorer version 2.1.15 Description: The issue is related to insecure permissions in the eXtplorer file manager, which can be exploited by a remote attacker to execute arbitrary code via the "index.php" component. This vulnerability is...

PT-2022-12910 · Unknown +2 · Phpliteadmin +2

Name of the Vulnerable Software and Affected Versions: phpLiteAdmin versions prior to 1.9.8.2 Description: The issue allows for XSS attacks via the newRows parameter, also known as num or number, in the index.php file. Recommendations: For versions prior to 1.9.8.2, avoid using the newRows...

PT-2007-3420 · Maian · Maian Weblog

Name of the Vulnerable Software and Affected Versions: Maian Weblog version 3.1 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the path to folder parameter in the index.php file. However, it's noted that this issue was disputed by a third-party researche...

PT-2006-4905 · Php · Phpprintanalyzer

Name of the Vulnerable Software and Affected Versions: phpPrintAnalyzer version 1.1 Description: A remote file inclusion issue in index.php allows remote attackers to execute arbitrary PHP code when register globals is enabled. This is achieved via a URL in the rep par rapport racine parameter...