EUVD-2015-4028

Malware in sbrugna...

EUVD-2022-3545

Malicious code in bioql PyPI...

EUVD-2021-30605

Malicious code in bioql PyPI...

phpWhois arbitrary code execution via a crafted whois record

phpWhois allows remote attackers to execute arbitrary code via a crafted whois record...

GHSA-C95F-27GX-6VQ9 phpWhois arbitrary code execution via a crafted whois record

phpWhois allows remote attackers to execute arbitrary code via a crafted whois record...

PhpWhois Cross-Site Scripting Vulnerability

PhpWhois is a Whois library containing Php by Spanish individual developer David Saez Padros. A cross-site scripting vulnerability exists in PhpWhois, which originates in the file example.php, where the exit function will terminate the script and print a message to the user. No detailed...

CVE-2021-43698

phpWhois last update Jun 30 2021 is affected by a Cross Site Scripting XSS vulnerability. In file example.php, the exit function will terminate the script and print the message to the user. The message will contain $GET'query' then there is a XSS vulnerability...

CVE-2021-43698

phpWhois last update Jun 30 2021 is affected by a Cross Site Scripting XSS vulnerability. In file example.php, the exit function will terminate the script and print the message to the user. The message will contain $GET'query' then there is a XSS vulnerability...

Cross site scripting

phpWhois last update Jun 30 2021 is affected by a Cross Site Scripting XSS vulnerability. In file example.php, the exit function will terminate the script and print the message to the user. The message will contain $GET'query' then there is a XSS vulnerability...

CVE-2021-43698

phpWhois last update Jun 30 2021 is affected by a Cross Site Scripting XSS vulnerability. In file example.php, the exit function will terminate the script and print the message to the user. The message will contain $GET'query' then there is a XSS vulnerability...

CVE-2021-43698

The CVE-2021-43698 entry concerns phpWhois (a PHP Whois library). The vulnerability is a Cross-Site Scripting (XSS) flaw in the example.php file, where the exit() path prints a user-visible message that includes $_GET['query'], enabling injection. Affected component/function: example.php within p...

PhpWhois 跨站脚本漏洞

PhpWhois is a Whois library containing Php by Spanish individual developer David Saez Padros. A cross-site scripting vulnerability exists in PhpWhois, which originates in the file example.php, where the exit function will terminate the script and print a message to the user. No detailed...

Arbitrary Code Execution

phpwhois/phpwhois is vulnerable to arbitrary code execution attacks. The application unsafely uses the PH function eval, allowing a malicious user to inject and execute arbitrary PHP code through it...

CVE-2015-5243

phpWhois allows remote attackers to execute arbitrary code via a crafted whois record...

CVE-2015-5243

CVE-2015-5243 affects phpWhois and several forks. The vulnerability arises from the generic_parser_b in the WHOIS data parser, which builds PHP statements and passes them to eval, allowing arbitrary code execution when processing crafted WHOIS records. Impact is remote code execution via manipula...

CVE-2015-5243

phpWhois allows remote attackers to execute arbitrary code via a crafted whois record...

PHP Code Injection

phpWhois PHP Code Injection Vulnerability Overview phpWhois and some of its forks in versions before 5.1.0 are prone to a code injection vulnerability due to insufficient sanitization of returned WHOIS data. This allows attackers controlling the WHOIS information of a requested domain to execute...

PHP Code Injection

phpWhois PHP Code Injection\nVulnerability Overview\nphpWhois and some of its forks in versions before 5.1.0 are prone to a\ncode injection vulnerability due to insufficient sanitization of returned\nWHOIS data. This allows attackers controlling the WHOIS information of a\nrequested domain to...

WordPress adsense-click-fraud-monitoring phpwhois cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language, which supports personal blog sites on PHP and MySQL servers. adsense-click-fraud-monitoring is one of the malicious click monitoring plugins. phpwhois is a package containing Whois libraries fo...

Cross site scripting

Cross-site scripting XSS vulnerability in phpwhois 4.2.5, as used in the adsense-click-fraud-monitoring plugin 1.7.5 for WordPress, allows remote attackers to inject arbitrary web script or HTML via the query parameter to whois.php...