Cross Site Scripting (XSS)

phpxmlrpc/extras is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to inadequate input validation within the documentingxmlrpcserver class when processing the GET methodName parameter, which allows attackers to execute malicious scripts in the context of the user's browser,...

phpxmlrpc/extra XSS in class documenting_xmlrpc_server

Versions preceding 0.6.1 of the phpxmlrpc/extras project are susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability exists within the class documentingxmlrpcserver when processing the GET methodName parameter...

GHSA-WW6P-Q26W-FR6M phpxmlrpc/extra XSS in class documenting_xmlrpc_server

Versions preceding 0.6.1 of the phpxmlrpc/extras project are susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability exists within the class documentingxmlrpcserver when processing the GET methodName parameter...

PT-2024-40512 · Unknown · Phpxmlrpc/Extras

Name of the Vulnerable Software and Affected Versions: phpxmlrpc/extras versions prior to 0.6.1 Description: The issue exists within the class documenting xmlrpc server when processing the methodName parameter in GET requests, specifically through the API endpoint, allowing for a Cross-Site...

Argument Injection

phpxmlrpc/phpxmlrpc is vulnerable to Argument Injection. The vulnerability exists in multiple functions of Client.php and Wrapper.php due to improper neutralization of argument delimiters which allows an attacker to access the local file or connect to undesired URLs instead of the intended target...

Cross-site Scripting (XSS)

phpxmlrpc/phpxmlrpc is vulnerable to cross-site scripting attacks. Since the debugger is not designed to be exposed to end users or web requests it is possible for remote attackers to inject and execute malicious JavaScript via the activateeditor function of controller.php...

Command Injection

phpxmlrpc/phpxmlrpc is vulnerable to command injection. A remote attacker is able to inject malicious code via crafted values for the Address and Path inputs through the $client argument of buildClientWrapperCode function...

PT-2023-32992 · Phpxmlrpc · Phpxmlrpc

Name of the Vulnerable Software and Affected Versions: phpxmlrpc affected versions not specified Description: The issue can be exploited when specific methods such as Wrapper::buildClientWrapperCode, Wrapper::wrapXmlrpcServer, Wrapper::wrapXmlrpcMethod, or Wrapper::buildWrapMethodSource are used...

Argument Injection

phpxmlrpc/phpxmlrpc is vulnerable to argument injection. The vulnerability exists in multiple functions of Client.php and Wrapper.php due to improper neutralization of argument delimiters which allows an attacker to access local file in Client:send via manipulation of the $protocol argument...

GHSA-Q7QQ-9GX2-GGXV phpxmlrpc vulnerable to argument injection

phpxmlrpc vulnerable to argument injection via local file access in Client:send via manipulation of $protocol argument...

phpxmlrpc vulnerable to argument injection

phpxmlrpc vulnerable to argument injection via local file access in Client:send via manipulation of $protocol argument...

PT-2022-28271 · Phpxmlrpc · Phpxmlrpc

Name of the Vulnerable Software and Affected Versions: phpxmlrpc affected versions not specified Description: The issue concerns argument injection via local file access in the Client:send function. This is achieved through manipulation of the $protocol argument. Recommendations: At the moment,...

Remote Code Injection

phpxmlrpc/phpxmlrpc is vulnerable to code injection. An attacker can access local files or connect to undesired URLs instead of the intended target server's URL through the $client argument in the buildclientwrappercode function of Wrapper.php by injecting a malicious code...

code injection in phpxmlrpc/phpxmlrpc

code injection in Wrapper::buildClientWrapperCode via manipulation of the $client argument. It was possible to force the client to access local files or connect to undesired urls instead of the intended target server's url...

GHSA-3FGR-XJR6-XQM8 code injection in phpxmlrpc/phpxmlrpc

code injection in Wrapper::buildClientWrapperCode via manipulation of the $client argument. It was possible to force the client to access local files or connect to undesired urls instead of the intended target server's url...

PHPXMLRPC < 1.1 - Remote Code Execution

PHPXMLRPC Remote Code Execution Vendor: Useful Information Inc. Product: PHPXMLRPC Version: = 1.1 Website: http://phpxmlrpc.sourceforge.net/ BID: 14088 CVE: CVE-2005-1921 OSVDB: 17793 SECUNIA: 15852 PACKETSTORM: 38394 Description: PHPXMLRPC aka XML-RPC For PHP is a PHP implementation of the XML-R...

PHPXMLRPC 1.1 - Remote Code Execution

PHPXMLRPC 1.1 - Remote Code Execution PHPXMLRPC Remote Code Execution Vendor: Useful Information Inc. Product: PHPXMLRPC Version: = 1.1 Website: http://phpxmlrpc.sourceforge.net/ BID: 14088 CVE: CVE-2005-1921 OSVDB: 17793 SECUNIA: 15852 PACKETSTORM: 38394 Description: PHPXMLRPC aka XML-RPC For PH...

Gentoo Security Advisory GLSA 200507-01 (pear-xml_rpc phpxmlrpc)

The remote host is missing updates announced in advisory GLSA 200507-01. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200508-13 (pear-xml_rpc phpxmlrpc)

The remote host is missing updates announced in advisory GLSA 200508-13. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200507-01 (pear-xml_rpc phpxmlrpc)

The remote host is missing updates announced in advisory GLSA 200507-01. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...