CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

RedhatCVE•added 2026/01/07 9:36 a.m.•3 views

CVE-2019-7402

An issue was discovered in PHPMyWind 5.5. The GetQQ function in include/func.class.php allows XSS via the cfgqqcode parameter. This can be exploited via CSRF...

6.1CVSS5.8AI score0.00154EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2018-8912

Malware in sbrugna...

7.2CVSS7AI score0.00399EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-8908

Malware in sbrugna...

5.4CVSS5.5AI score0.00281EPSS

Exploits1References2

CVE•added 2019/03/07 10:0 p.m.•31 views

CVE-2019-7660

PHPMyWind 5.5 is affected by a stored XSS in the username parameter of /install/index.php (as described by CVE-2019-7660). The issue is demonstrated via admin/login.php. Multiple sources (NVD/CNVD/CVE listings) confirm the vulnerability and its basic details; no specifics about mitigations or pat...

6.1CVSS5.9AI score0.00328EPSS

Exploits1References1Affected Software1

Prion•added 2019/02/05 4:29 p.m.•12 views

Cross site request forgery (csrf)

An issue was discovered in PHPMyWind 5.5. The GetQQ function in include/func.class.php allows XSS via the cfgqqcode parameter. This can be exploited via CSRF...

4.3CVSS5.9AI score0.00154EPSS

Exploits1References1Affected Software1

NVD•added 2019/02/05 4:29 p.m.•15 views

CVE-2019-7403

An issue was discovered in PHPMyWind 5.5. It allows remote attackers to delete arbitrary folders via an admin/databasebackup.php?action=import&dopost=deldir&tbname=../ URI...

5.5CVSS5.3AI score0.00341EPSS

Exploits1References1

Prion•added 2019/02/05 4:29 p.m.•13 views

Code injection

An issue was discovered in PHPMyWind 5.5. It allows remote attackers to delete arbitrary folders via an admin/databasebackup.php?action=import&dopost=deldir&tbname=../ URI...

5.5CVSS5.3AI score0.00341EPSS

Exploits1References1Affected Software1

NVD•added 2018/09/17 4:29 a.m.•10 views

CVE-2018-17130

PHPMyWind 5.5 has XSS in member.php via an HTTP Referer header,...

5.4CVSS5.3AI score0.00281EPSS

Exploits1References1

NVD•added 2018/09/17 4:29 a.m.•8 views

CVE-2018-17133

admin/webconfig.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the rewrite url setting...

7.2CVSS7.3AI score0.00399EPSS

Exploits1References1

NVD•added 2018/09/17 4:29 a.m.•10 views

CVE-2018-17134

admin/webconfig.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the cfgauthor field in conjunction with a crafted cfgwebpath field...

7.2CVSS7.2AI score0.00399EPSS

Exploits1References1

Prion•added 2018/09/17 4:29 a.m.•11 views

Design/Logic Flaw

admin/webconfig.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the cfgauthor field in conjunction with a crafted cfgwebpath field...

6.5CVSS7.1AI score0.00399EPSS

Exploits1References1Affected Software1

Prion•added 2018/09/17 4:29 a.m.•8 views

Code injection

admin/webconfig.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the rewrite url setting...

6.5CVSS7.3AI score0.00399EPSS

Exploits1References1Affected Software1

Prion•added 2018/09/17 4:29 a.m.•11 views

Code injection

admin/goodsupdate.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the attrvalue array parameter...

6.5CVSS7.3AI score0.00399EPSS

Exploits1References1Affected Software1

Prion•added 2018/09/17 4:29 a.m.•12 views

Design/Logic Flaw

admin/webconfig.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the varvalue field...

6.5CVSS7.3AI score0.00399EPSS

Exploits1References1Affected Software1

Prion•added 2018/09/17 4:29 a.m.•7 views

Design/Logic Flaw

PHPMyWind 5.5 has XSS in member.php via an HTTP Referer header,...

3.5CVSS5.2AI score0.00281EPSS

Exploits1References1Affected Software1

Cvelist•added 2018/09/17 4:0 a.m.•9 views

CVE-2018-17134

admin/webconfig.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the cfgauthor field in conjunction with a crafted cfgwebpath field...

7.2AI score0.00399EPSS

Exploits1References1

Cvelist•added 2018/09/17 4:0 a.m.•10 views

CVE-2018-17133

admin/webconfig.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the rewrite url setting...

7.3AI score0.00399EPSS

Exploits1References1

Cvelist•added 2018/09/17 4:0 a.m.•11 views

CVE-2018-17130

PHPMyWind 5.5 has XSS in member.php via an HTTP Referer header,...

5.3AI score0.00281EPSS

Exploits1References1

CNVD•added 2018/09/17 12:0 a.m.•1 views

PHPMyWind Arbitrary Code Execution Vulnerability (CNVD-2018-19540)

PHPMyWind is a set of PHP and MySQL-based and W3C-compliant enterprise website building solutions. A security vulnerability exists in the admin/webconfig.php file in PHPMyWind version 5.5. A remote attacker can exploit this vulnerability to execute arbitrary code with the help of the varvalue fie...

7.2CVSS7.5AI score0.00399EPSS

Exploits1References1