Lucene search

K

Phpprofiles Security Vulnerabilities

cve
cve

CVE-2006-6740

Multiple PHP remote file inclusion vulnerabilities in phpProfiles 3.1.2b and earlier allow remote attackers to execute arbitrary PHP code via a URL in the menu parameter to (1) include/body.inc.php or (2) include/body_admin.inc.php; or a URL in the incpath parameter to (3) index.inc.php, (4)...

7.5AI Score

0.216EPSS

2006-12-26 11:28 PM
20
cve
cve

CVE-2006-6744

phpProfiles before 2.1.1 does not have an index.php or other index file in the (1) image_data, (2) graphics/comm, or (3) users read/write directories, which might allow remote attackers to list directory contents or have other unknown...

7AI Score

0.001EPSS

2022-10-03 04:21 PM
15
cve
cve

CVE-2008-1051

PHP remote file inclusion vulnerability in include/body_comm.inc.php in phpProfiles 4.5.2 BETA allows remote attackers to execute arbitrary PHP code via a URL in the content...

7.5AI Score

0.007EPSS

2008-02-27 07:44 PM
21
cve
cve

CVE-2006-6743

phpProfiles before 2.1.1 uses world writable permissions for certain profile files and directories, which allows local users to modify or delete files, related to (1) users/include/do_makeprofile.inc.php and (2)...

6.7AI Score

0.0004EPSS

2006-12-26 11:28 PM
17
cve
cve

CVE-2006-5634

Multiple PHP remote file inclusion vulnerabilities in phpProfiles 2.1 Beta allow remote attackers to execute arbitrary PHP code via a URL in the (1) reqpath parameter to (a) body.inc.php and (b) body_blog.inc.php in users/include/; or the (2) usrinc parameter in...

8AI Score

0.114EPSS

2006-11-01 12:07 AM
26