Php Blue Dragon@platinum 2.8.0 Security Vulnerabilities and Issues — Php Blue Dragon@platinum 2.8.0 CVE List

Lucene search

Blue DragonPhp Blue Dragonplatinum 2.8.0

4 matches found

CVE•added 2006/05/16 1:2 a.m.•141 views

CVE-2006-2392

PHP remote file inclusion vulnerability in public_includes/pub_popup/popup_finduser.php in PHP Blue Dragon Platinum 2.8.0 allows remote attackers to execute arbitrary PHP code via a URL in the vsDragonRootPath parameter.

6.4CVSS7.5AI score0.10831EPSS

CVE•added 2006/09/23 10:7 a.m.•36 views

CVE-2006-4960

Cross-site scripting (XSS) vulnerability in index.php Php Blue Dragon 2.9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the m parameter, which is reflected in an error message resulting from a failed SQL query.

6.8CVSS6.4AI score0.05656EPSS

CVE•added 2006/09/23 10:7 a.m.•35 views

CVE-2006-4962

Directory traversal vulnerability in pbd_engine.php in Php Blue Dragon 2.9.1 and earlier allows remote attackers to read and execute arbitrary local files via a .. (dot dot) sequence via the phpExt parameter, as demonstrated by executing PHP code in a log file.

6.4CVSS7.5AI score0.10744EPSS

CVE•added 2006/09/23 10:7 a.m.•32 views

CVE-2006-4961

SQL injection vulnerability in the GetModuleConfig function in public_includes/pub_kernel/pbd_modules.php in Php Blue Dragon 2.9.1 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter to index.php.

7.5CVSS8.8AI score0.00511EPSS