EUVD-2008-0105

Malware in sbrugna...

CVE-2011-4265

Cross-site scripting XSS vulnerability in phpWebSite before 1.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2005-4792

SQL injection vulnerability in index.php in Appalachian State University phpWebSite 0.10.1 and earlier allows remote attackers to execute arbitrary SQL commands via the module parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

CVE-2002-2178

Cross-site scripting XSS vulnerability in article.php module for phpWebSite 0.8.3 allows remote attackers to execute arbitrary Javascript script via the sid parameter, as demonstrated using an IMG tag...

CVE-2002-1807

Cross-site scripting XSS vulnerability in phpWebSite 0.8.3 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag...

PHPWebSite 0.8.3 News Message HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5802/info Problems with phpWebSite could make it possible to execute arbitrary script code in a vulnerable client. phpWebSite does not sufficiently filter potentially malicious HTML code from news posts. As a result, when...

PHPWebSite 0.8.3 Article.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5864/info phpWebSite is prone to cross-site scripting attacks. This vulnerability is due to insufficient sanitization of HTML tags from URI parameters processed by the 'article.php' script. As a result, an attacker may...

PHPWebSite 0.x Image File Processing Remote Arbitrary PHP File Upload Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12653/info phpWebSite is reported prone to a remote arbitrary PHP file upload vulnerability. The issue presents itself due to a lack of sanitization performed on image files that are uploaded when submitting an...

phpWebsite 0.7.3/0.8.x/0.9.x Index.PHP Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14166/info phpWebSite is affected by a directory traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. A remote unauthorized user can disclose the contents of...

phpWebSite <= 0.10.2 (hub_dir) Remote Commands Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo PHPWebSite = 0.10.2 remote cmmnds xctn\r\n; echo - arbitrary local inclusion, works with magicquotesgpc = Off\r\n; echo by rgod, mail: [email protected]\r\n; echo site: http://retrogod.altervista.org\r\n\r\n; if $argc4...

phpWebSite <= 0.10.0 (module) SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::Simple; $serv = $ARGV0; $path = $ARGV1; $name = $ARGV2; sub usage print \nUsage: $0 server path username \n; print sever - URL\n; print path - path to index.php\n; print username - name register user\n\n; exit ; sub work print qq...

phpWebSite <= 0.9.3 'links.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/32011/info phpWebSite is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise th...

PHPWebSite 0.7.3/0.8.x/0.9.3 User Module HTTP Response Splitting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11673/info A remote HTTP response splitting vulnerability reportedly affects phpWebSite in its user module. This issue is due to a failure of the application to properly sanitize user-supplied input. A remote attacker may...

phpWebsite 0.8.2 PHP File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5779/info A vulnerability has been discovered in phpWebsite which allows an attacker to remotely include a malicious PHP file. It is possible for an attacker to specify a remote location for phpWebsite to download an...

PHPWebSite 0.10.2 PHPWS_SOURCE_DIR Parameter Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/20412/info phpWebSite is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to compromise the application an...

phpWebSite <= 0.10.0-full (topics.php) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl advisory sent in by SnIpErSA selfar2002athotmail.com http://www.target.com/topics.php?op=viewtopic&topic=-1%20Union%20select%20name,name,pass,name%20From%20users%20where%20uid=1 ported by str0ke milw0rm.com from x97Rangs code RST/GHC...

phpWebsite 0.8.2/0.8.3 article.php sid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/17150/info phpWebSite is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. A successful exploit...

CVE-2011-4265

Cross-site scripting XSS vulnerability in phpWebSite before 1.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in phpWebSite before 1.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2011-4265

Cross-site scripting XSS vulnerability in phpWebSite before 1.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...