CVE-2006-4879

SQL injection vulnerability in profile.php in David Bennett PHP-Post PHPp 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter...

CVE-2006-4877

Variable overwrite vulnerability in David Bennett PHP-Post PHPp 1.0 and earlier allows remote attackers to overwrite arbitrary program variables via multiple vectors that use the extract function, as demonstrated by the tableprefix parameter in 1 index.php, 2 profile.php, and 3 header.php...

CVE-2006-4881

Multiple cross-site scripting XSS vulnerabilities in David Bennett PHP-Post PHPp 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the replyuser parameter in a pm.php; 2 the txtjumpto parameter in b dropdown.php; the 3 txterror and 4 txttemplatenotexist parameter...

PHP-Post 1.0 Cookie Modification Privilege Escalation Vulnerability

No description provided by source. KAPDA::52 - PHP-Post 1.0 Cookie Modification Privilege Escalation Vulnerability Vulnerable product: Tested on PHP-Post 0.21 and 1.0 Vendor: http://php-post.co.uk Vulnerability: Privilege Escalation Date: -------------------- Found: Nov 23, 2005 Vendor Contacted:...

CVE-2005-3770

Multiple cross-site scripting XSS vulnerabilities in PHP-Post PHPp 1.0 allow remote attackers to inject arbitrary web script or HTML via 1 the subject in a post, or the user parameter to 2 profile.php and 3 mail.php...