Lucene search
K

33 matches found

exploitpack
exploitpack
added 2004/11/04 12:0 a.m.15 views

phpWebSite 0.7.30.8.x0.9.3 - User Module HTTP Response Splitting

phpWebSite 0.7.30.8.x0.9.3 - User Module HTTP Response Splitting source: https://www.securityfocus.com/bid/11673/info A remote HTTP response splitting vulnerability reportedly affects phpWebSite in its user module. This issue is due to a failure of the application to properly sanitize user-suppli...

7.4AI score
Exploits0
NVD
NVD
added 2003/10/20 4:0 a.m.14 views

CVE-2003-0737

The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to obtain the full pathname of phpWebSite via an invalid year, which generates an error from localtime in TimeZone.php of the Pear library...

5CVSS6.6AI score0.01212EPSS
Exploits0References2
NVD
NVD
added 2003/10/20 4:0 a.m.13 views

CVE-2003-0738

The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to cause a denial of service crash via a long year parameter...

7.8CVSS6.6AI score0.01378EPSS
Exploits0References2
Cvelist
Cvelist
added 2003/09/04 4:0 a.m.23 views

CVE-2003-0737

The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to obtain the full pathname of phpWebSite via an invalid year, which generates an error from localtime in TimeZone.php of the Pear library...

6.6AI score0.01212EPSS
Exploits0References2
Cvelist
Cvelist
added 2003/09/04 4:0 a.m.18 views

CVE-2003-0738

The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to cause a denial of service crash via a long year parameter...

6.6AI score0.01378EPSS
Exploits0References2
NVD
NVD
added 2002/10/04 4:0 a.m.14 views

CVE-2002-1135

modsecurity.php 1.10 and earlier, in phpWebSite 0.8.2 and earlier, allows remote attackers to execute arbitrary PHP source code via an incprefix parameter that points to the malicious code...

7.5CVSS7.7AI score0.0658EPSS
Exploits0References5
exploitpack
exploitpack
added 2002/10/02 12:0 a.m.13 views

phpWebSite 0.8.3 - article.php Cross-Site Scripting

phpWebSite 0.8.3 - article.php Cross-Site Scripting source: https://www.securityfocus.com/bid/5864/info phpWebSite is prone to cross-site scripting attacks. This vulnerability is due to insufficient sanitization of HTML tags from URI parameters processed by the 'article.php' script. As a result, ...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2002/10/02 12:0 a.m.25 views

phpWebSite 0.8.3 - 'article.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/5864/info phpWebSite is prone to cross-site scripting attacks. This vulnerability is due to insufficient sanitization of HTML tags from URI parameters processed by the 'article.php' script. As a result, an attacker may construct a malicious link to this...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/09/25 12:0 a.m.33 views

phpWebSite 0.8.3 - News Message HTML Injection

source: https://www.securityfocus.com/bid/5802/info Problems with phpWebSite could make it possible to execute arbitrary script code in a vulnerable client. phpWebSite does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/09/25 12:0 a.m.18 views

phpWebSite 0.8.3 - News Message HTML Injection

phpWebSite 0.8.3 - News Message HTML Injection source: https://www.securityfocus.com/bid/5802/info Problems with phpWebSite could make it possible to execute arbitrary script code in a vulnerable client. phpWebSite does not sufficiently filter potentially malicious HTML code from news posts. As a...

7.6AI score
Exploits0
exploitpack
exploitpack
added 2002/09/23 12:0 a.m.18 views

phpWebSite 0.8.2 - PHP File Inclusion

phpWebSite 0.8.2 - PHP File Inclusion source: https://www.securityfocus.com/bid/5779/info A vulnerability has been discovered in phpWebsite which allows an attacker to remotely include a malicious PHP file. It is possible for an attacker to specify a remote location for phpWebsite to download an...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/09/23 12:0 a.m.24 views

phpWebSite 0.8.2 - PHP File Inclusion

source: https://www.securityfocus.com/bid/5779/info A vulnerability has been discovered in phpWebsite which allows an attacker to remotely include a malicious PHP file. It is possible for an attacker to specify a remote location for phpWebsite to download an attacker-supplied htmlheader.php scrip...

7AI score
Exploits0
Cvelist
Cvelist
added 2002/06/11 4:0 a.m.21 views

CVE-2001-1363

Vulnerability in phpWebSite before 0.7.9 related to running multiple instances in the same domain, which may allow attackers to gain administrative privileges...

6.8AI score0.01456EPSS
Exploits0References2
Rows per page
Query Builder