CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

39 matches found

CVE•added 2006/12/26 11:0 p.m.•33 views

CVE-2006-6744

CVE-2006-6744 affects phpProfiles prior to 2.1.1. The vulnerability arises because there is no index.php (or other index file) in (1) image_data, (2) graphics/comm, and (3) users read/write directories, which might allow remote attackers to list directory contents or cause other unknown impacts. ...

2.1CVSS7AI score0.00105EPSS

Exploits0References1Affected Software1

CVE•added 2006/12/26 11:0 p.m.•33 views

CVE-2006-6743

CVE-2006-6743 affects phpProfiles prior to 2.1.1. The vulnerability arises from world-writable permissions on certain profile files and directories, enabling local users to modify or delete files. Affected elements include (1) users/include/do_makeprofile.inc.php and (2) users/include/copy.inc.ph...

4.6CVSS6.7AI score0.00052EPSS

Exploits0References4Affected Software1

Cvelist•added 2006/12/26 11:0 p.m.•20 views

CVE-2006-6740

Multiple PHP remote file inclusion vulnerabilities in phpProfiles 3.1.2b and earlier allow remote attackers to execute arbitrary PHP code via a URL in the menu parameter to 1 include/body.inc.php or 2 include/bodyadmin.inc.php; or a URL in the incpath parameter to 3 index.inc.php, 4...

7.3AI score0.13051EPSS

Exploits1References21

Cvelist•added 2006/12/26 11:0 p.m.•8 views

CVE-2006-6744

phpProfiles before 2.1.1 does not have an index.php or other index file in the 1 imagedata, 2 graphics/comm, or 3 users read/write directories, which might allow remote attackers to list directory contents or have other unknown impacts...

6.7AI score0.00105EPSS

Exploits0References1

CVE•added 2006/12/26 11:0 p.m.•41 views

CVE-2006-6740

CVE-2006-5634 affects phpProfiles 2.1 Beta, allowing remote PHP code execution via a URL in the reqpath parameter to body.inc.php and body_blog.inc.php in users/include/ or via usrinc in users/include/upload_ht.inc.php. This is a PHP remote file inclusion (RFI) vulnerability. CVE-2006-6740 covers...

7.5CVSS7.5AI score0.13051EPSS

Exploits1References21Affected Software1

Positive Technologies•added 2006/12/26 12:0 a.m.•2 views

PT-2006-7341 · Unknown · Phpprofiles

Name of the Vulnerable Software and Affected Versions: phpProfiles versions 3.1.2b and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the menu parameter to various PHP files, including "include/body.inc.php" and "include/body admin.inc.php", or a...

7.5CVSS7.4AI score0.13051EPSS

Exploits1References22

seebug.org•added 2006/12/22 12:0 a.m.•61 views

PHPProfiles远程文件包含漏洞

PHPProfiles是一款基于PHP的WEB应用程序。 PHPProfiles不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞以WEB进程权限执行任意命令。问题是由于多个脚本对用户提交的WEB参数缺少过滤，提交恶意的远程服务器作为包含对象，可导致以WEB进程权限执行任意PHP代码。 phpProfiles phpProfiles 3.1.2b phpProfiles phpProfiles 2.1 http://sourceforge.net/project/showfiles.php?groupid=176310...

7.1AI score

Exploits0

securityvulns•added 2006/12/20 12:0 a.m.•75 views

phpProfiles <= 3.1.2b Multiple Remote File Include Vulnerabilities

+------------------------------------------------------------------------------------------- + phpProfiles = 3.1.2b Multiple Remote File Include Vulnerabilities +------------------------------------------------------------------------------------------- + Affected Software .: phpProfiles = 3.1.2b...

0.6AI score

Exploits0

0day.today•added 2006/12/19 12:0 a.m.•28 views

phpProfiles <= 3.1.2b Multiple Remote File Include Vulnerabilities

Exploit for unknown platform in category web applications ================================================================== phpProfiles + include/account.inc.php, lines 09: include"$incpath/footer.inc.php"; + include/index.inc.php, lines 05: include"$incpath/adminerr.inc.php"; + ... see below fo...

7.1AI score

Exploits0

seebug.org•added 2006/12/19 12:0 a.m.•8 views

phpProfiles <= 3.1.2b Multiple Remote File Include Vulnerabilities

No description provided by source. +------------------------------------------------------------------------------------------- + phpProfiles = 3.1.2b Multiple Remote File Include Vulnerabilities +------------------------------------------------------------------------------------------- + Affect...

7.1AI score

Exploits0

Exploit DB•added 2006/12/19 12:0 a.m.•26 views

phpProfiles 3.1.2b - Multiple Remote File Inclusions

+------------------------------------------------------------------------------------------- + phpProfiles +------------------------------------------------------------------------------------------- + Details: + phpProfiles has several scripts which do not initialize variables before using them ...

7.4AI score

Exploits0

exploitpack•added 2006/12/19 12:0 a.m.•21 views

phpProfiles 3.1.2b - Multiple Remote File Inclusions

phpProfiles 3.1.2b - Multiple Remote File Inclusions +------------------------------------------------------------------------------------------- + phpProfiles +------------------------------------------------------------------------------------------- + Details: + phpProfiles has several scripts...

0.2AI score

Exploits0

NVD•added 2006/11/01 12:7 a.m.•13 views

CVE-2006-5634

Multiple PHP remote file inclusion vulnerabilities in phpProfiles 2.1 Beta allow remote attackers to execute arbitrary PHP code via a URL in the 1 reqpath parameter to a body.inc.php and b bodyblog.inc.php in users/include/; or the 2 usrinc parameter in users/include/uploadht.inc.php...

6.8CVSS7.6AI score0.18811EPSS

Exploits1References8

CVE•added 2006/11/01 12:0 a.m.•45 views

CVE-2006-5634

CVE-2006-5634 is associated with PHP remote file inclusion in phpProfiles. Connected records document additional PHP RFI vulnerabilities in phpProfiles 3.1.2b and earlier, with multiple vectors across include/body.inc.php, body_admin.inc.php, menu files, and various incpath parameters. The core i...

6.8CVSS8AI score0.18811EPSS

Exploits1References8Affected Software1

Cvelist•added 2006/11/01 12:0 a.m.•18 views

CVE-2006-5634

7.6AI score0.18811EPSS

Exploits1References8

seebug.org•added 2006/10/31 12:0 a.m.•16 views

phpProfiles 2.1 Beta Multiple Remote File Include Vulnerabilities

No description provided by source. ================================================================== phpProfiles RFI ================================================================== Info:- Scripts: phpProfiles download : http://sourceforge.net/project/showfiles.php?groupid=176310 Version : v.2...

7.1AI score

Exploits0

0day.today•added 2006/10/30 12:0 a.m.•21 views

phpProfiles 2.1 Beta Multiple Remote File Include Vulnerabilities

Exploit for unknown platform in category web applications ================================================================= phpProfiles 2.1 Beta Multiple Remote File Include Vulnerabilities =================================================================...

7.1AI score

Exploits0

Exploit DB•added 2006/10/30 12:0 a.m.•36 views

phpProfiles 2.1 Beta - Multiple Remote File Inclusions

================================================================== phpProfiles RFI ================================================================== Info:- Scripts: phpProfiles download : http://sourceforge.net/project/showfiles.php?groupid=176310 Version : v.2.1 Beta Dork & vuln : download...

7AI score

Exploits0

exploitpack•added 2006/10/30 12:0 a.m.•18 views

phpProfiles 2.1 Beta - Multiple Remote File Inclusions

phpProfiles 2.1 Beta - Multiple Remote File Inclusions ================================================================== phpProfiles RFI ================================================================== Info:- Scripts: phpProfiles download :...

0.2AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by