166 matches found
CVE-2004-0031
PHPGEDVIEW 2.61 allows remote attackers to reinstall the software and change the administrator password via a direct HTTP request to editconfig.php...
CVE-2004-0030
PHP remote file inclusion vulnerability in (1) functions.php, (2) authentication_index.php, and (3) config_gedcom.php for PHPGEDVIEW 2.61 allows remote attackers to execute arbitrary PHP code by modifying the PGV_BASE_DIRECTORY parameter to reference a URL on a remote web server that contains the code...
CVE-2004-0033
admin.php in PHPGEDVIEW 2.61 allows remote attackers to obtain sensitive information via an action parameter with a phpinfo command...
PHPGedView 2.x - 'Descendancy.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/11868/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remote attacker to create a malicious...
PHPGedView 2.x - Descendancy.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/11868/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue...
CVE-2004-0067
CVE-2004-0067 describes multiple cross-site scripting (XSS) vulnerabilities in phpGedView prior to 2.65. The issue allows remote attackers to inject arbitrary HTML or JavaScript through numerous PHP/WEB pages (e.g., descendancy.php, index.php, individual.php, login.php, relationship.php, source.p...
CVE-2004-0065
Multiple SQL injection vulnerabilities in phpGedView before 2.65 allow remote attackers to execute arbitrary SQL via (1) timeline.php and (2) placelist.php...
CVE-2004-0065
The CVE-2004-0065 entry refers to multiple SQL injection vulnerabilities in phpGedView prior to 2.65, allowing remote attackers to execute arbitrary SQL via timeline.php and placelist.php. Affected software: phpGedView (versions before 2.65). Root cause: SQL injection in two scripts (timeline.php...
CVE-2004-0066
phpGedView is affected by CVE-2004-0066 up to version 2.64. The vulnerability allows remote attackers to disclose the web server’s absolute path via malformed parameters to multiple PHP pages (indilist.php, famlist.php, placelist.php, imageview.php, timeline.php, clippings.php, login.php, gdbi.ph...
CVE-2004-0067
Multiple cross-site scripting (XSS) vulnerabilities in phpGedView before 2.65 allow remote attackers to inject arbitrary HTML or web script via (1) descendancy.php, (2) index.php, (3) individual.php, (4) login.php, (5) relationship.php, (6) source.php, (7) imageview.php, (8) calendar.php, (9) gedrecord.php, (10)...
CVE-2004-0066
phpGedView before 2.65 allows remote attackers to obtain the absolute path of the web server via malformed parameters to (1) indilist.php, (2) famlist.php, (3) placelist.php, (4) imageview.php, (5) timeline.php, (6) clippings.php, (7) login.php, and (8) gdbi.php...
phpGedView 2.65 beta 5 - Multiple Vulnerabilities
phpGedView Multiple Vulnerabilities Vendor: phpGedView Product: phpGedView Version: = 2.65 beta 5 Website: http://phpgedview.sourceforge.net Description: The phpGedView project parses GEDCOM 5.5 genealogy files and displays them on the Internet in...
phpGedView.txt
Vendor : phpGedView URL : http://phpgedview.sourceforge.net Version : 2.65 beta 5 All Versions?? Risk : Multiple Vulnerabilities Description: The phpGedView project parses GEDCOM 5.5 genealogy files and displays them on the Internet in a format similar to PAF. All it requires to run is a php...
phpGedView < 2.65 beta 5 - Multiple Vulnerabilities
phpGedView Multiple Vulnerabilities Vendor: phpGedView Product: phpGedView Version: = 2.65 beta 5 Website: http://phpgedview.sourceforge.net Description: The phpGedView project parses GEDCOM 5.5 genealogy files and displays them on the Internet in a format similar to PAF. All it requires to run i...
PHPGedView 2.52.6 - Gdbi_interface.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/11894/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This...
PHPGedView 2.52.6 - Gedrecord.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/11891/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issu...
PHPGedView 2.5/2.6 - 'Gedrecord.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/11891/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remote attacker to create a malicious...
PHPGedView 2.5/2.6 - 'Placelist.php' SQL Injection
source: https://www.securityfocus.com/bid/11910/info It is reported that PhpGedView is susceptible to a remote SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input prior to including it in an SQL query. This issue allows remote...
PHPGedView 2.52.6 - Relationship.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/11906/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This...
PHPGedView 2.52.6 - Timeline.php SQL Injection
source: https://www.securityfocus.com/bid/11925/info It is reported that PhpGedView is susceptible to a remote SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input prior to including ...