CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

Prion•added 2021/08/20 2:15 p.m.•16 views

Command injection

Command Injection in PHPMyWind v5.6 allows remote attackers to execute arbitrary code via the "text color" field of the component '/admin/webconfig.php'...

6.5CVSS7.6AI score0.01662EPSS

Exploits1References2Affected Software1

Prion•added 2021/05/27 4:15 p.m.•8 views

Cross site scripting

Cross Site Scripting XSS in PHPMyWind v5.5 allows remote attackers to execute arbitrary code by injecting scripts into the parameter "$cfgcopyright" of component " /admin/webconfig.php"...

3.5CVSS5.3AI score0.00434EPSS

Exploits1References1Affected Software1

OSV•added 2018/09/17 4:29 a.m.•0 views

CVE-2018-17131

admin/webconfig.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the varvalue field...

7.2CVSS6.1AI score

Exploits0References1

NVD•added 2018/09/17 4:29 a.m.•10 views

CVE-2018-17134

admin/webconfig.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the cfgauthor field in conjunction with a crafted cfgwebpath field...

7.2CVSS7.2AI score0.00399EPSS

Exploits1References1

Prion•added 2018/09/17 4:29 a.m.•13 views

Design/Logic Flaw

admin/webconfig.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the varvalue field...

6.5CVSS7.3AI score0.00399EPSS

Exploits1References1Affected Software1

CVE•added 2018/09/17 4:0 a.m.•36 views

CVE-2018-17131

CVE-2018-17131 affects PHPMyWind 5.5: admin/web_config.php allows an admin to execute arbitrary code via the varvalue field due to improper input handling. This results in arbitrary code execution with admin privileges; CVSS scores indicate MEDIUM to HIGH impact across versions. Exploitation deta...

7.2CVSS7.3AI score0.00399EPSS

Exploits1References1Affected Software1

Cvelist•added 2018/09/17 4:0 a.m.•9 views

CVE-2018-17134

admin/webconfig.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the cfgauthor field in conjunction with a crafted cfgwebpath field...

7.2AI score0.00399EPSS

Exploits1References1

CVE•added 2018/09/17 4:0 a.m.•38 views

CVE-2018-17133

CVE-2018-17133 affects PHPMyWind 5.5, where admin/web_config.php allows an Admin user to execute arbitrary code via the rewrite url setting. Root cause is improper handling of URL rewrite configuration leading to code execution with admin privileges. Impact is arbitrary code execution; CVSS notes...

7.2CVSS7.3AI score0.00399EPSS

Exploits1References1Affected Software1

CVE•added 2018/09/17 4:0 a.m.•33 views

CVE-2018-17134

CVE-2018-17134 affects PHPMyWind 5.5. The vulnerability is an arbitrary code execution flaw in admin/web_config.php that can be exploited by Admin users through the cfg_author field in combination with a crafted cfg_webpath field. The connected documents corroborate the affected product/version a...

7.2CVSS7.2AI score0.00399EPSS

Exploits1References1Affected Software1

CNVD•added 2018/09/17 12:0 a.m.•2 views

PHPMyWind Arbitrary Code Execution Vulnerability

PHPMyWind is a set of PHP and MySQL-based and W3C-compliant enterprise website building solutions. A security vulnerability exists in the admin/webconfig.php file in PHPMyWind version 5.5. The vulnerability can be exploited to execute arbitrary code with the help of the 'cfgauthor' field and the...

7.2CVSS7.5AI score0.00399EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by