36 matches found
EUVD-2011-3735
Malware in sbrugna...
EUVD-2004-0128
Malware in sbrugna...
EUVD-2004-0033
Malware in sbrugna...
EUVD-2004-0066
Malware in sbrugna...
Directory traversal
Directory traversal vulnerability in module.php in PhpGedView 4.2.3 and possibly other versions, when magicquotesgpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the pgvaction parameter...
phpged.txt
========================================================================================================================== PhpGedView 4.0.2 DOCUMENTROOT File inclusion Vulnerablity ======================================= Script:PhpGedView ============= Version:4.0.2 ============= script...
CVE-2004-0031
PHPGEDVIEW 2.61 allows remote attackers to reinstall the software and change the administrator password via a direct HTTP request to editconfig.php...
CVE-2004-0127
Directory traversal vulnerability in editconfiggedcom.php for phpGedView 2.65.1 and earlier allows remote attackers to read arbitrary files or execute arbitrary PHP programs on the server via .. dot dot sequences in the gedcomconfig parameter...
CVE-2004-0066
phpGedView before 2.65 allows remote attackers to obtain the absolute path of the web server via malformed parameters to 1 indilist.php, 2 famlist.php, 3 placelist.php, 4 imageview.php, 5 timeline.php, 6 clippings.php, 7 login.php, and 8 gdbi.php...
CVE-2004-0130
login.php in phpGedView 2.65 and earlier allows remote attackers to obtain sensitive information via an HTTP request to login.php that does not contain the required username or password parameters, which causes the information to be leaked in an error message...
CVE-2004-0127
The CVE-2004-0127 entry concerns a directory-traversal vulnerability in phpGedView
phpGedView_v2.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PHP Code Injection Vulnerabilities in phpGedView 2.65.1 and prior Summary : phpGedView is an open source system for online viewing Gedcom information family tree and genology information. Multiple PHP Code Injection vulnerabilities exist in the...
PHPGedView 2.x - Editconfig_gedcom.php Directory Traversal
PHPGedView 2.x - Editconfiggedcom.php Directory Traversal source: https://www.securityfocus.com/bid/9529/info It has been reported that PhpGedView may be prone to a directory traversal vulnerability that may allow a remote attacker to access files outside the server root directory. The problem...
PHPGedView 2.x - [GED_File]_conf.php Remote File Inclusion
PHPGedView 2.x - GEDFileconf.php Remote File Inclusion source: https://www.securityfocus.com/bid/9531/info It has been reported that PhpGedView may be prone to a remote file include vulnerability that may allow an attacker to include malicious files containing arbitrary code to be executed on a...
PHPGedView 2.x - '[GED_File]_conf.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/9531/info It has been reported that PhpGedView may be prone to a remote file include vulnerability that may allow an attacker to include malicious files containing arbitrary code to be executed on a vulnerable system. The problem reportedly exists because...
CVE-2004-0031
PHPGEDVIEW 2.61 allows remote attackers to reinstall the software and change the administrator password via a direct HTTP request to editconfig.php...
CVE-2004-0030
PHP remote file inclusion vulnerability in 1 functions.php, 2 authenticationindex.php, and 3 configgedcom.php for PHPGEDVIEW 2.61 allows remote attackers to execute arbitrary PHP code by modifying the PGVBASEDIRECTORY parameter to reference a URL on a remote web server that contains the code...
CVE-2004-0033
admin.php in PHPGEDVIEW 2.61 allows remote attackers to obtain sensitive information via an action parameter with a phpinfo command...
PHPGedView 2.x - 'Descendancy.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/11868/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remote attacker to create a malicious...
PHPGedView 2.x - Descendancy.php Cross-Site Scripting
PHPGedView 2.x - Descendancy.php Cross-Site Scripting source: https://www.securityfocus.com/bid/11868/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue...