Phpcoin Security Vulnerabilities and Issues — Phpcoin CVE List

Lucene search

Coinsoft TechnologiesPhpcoin

4 matches found

CVE•added 2005/12/14 11:3 a.m.•316 views

CVE-2005-4214

phpCOIN 1.2.2 allows remote attackers to obtain the installation path via a direct request to config.php, which leaks the path in an error message because the _CCFG['_PKG_PATH_DBSE'] variable is not defined.

5CVSS6.9AI score0.01041EPSS

CVE•added 2005/12/14 11:3 a.m.•236 views

CVE-2005-4211

PHP remote file inclusion vulnerability in coin_includes/db.php in phpCOIN 1.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the $_CCFG[_PKG_PATH_DBSE] variable.

7.5CVSS7.5AI score0.05972EPSS

CVE•added 2005/12/14 11:3 a.m.•113 views

CVE-2005-4212

Directory traversal vulnerability in coin_includes/db.php in phpCOIN 1.2.2 allows remote attackers to read arbitrary local files via ".." (dot dot) sequences in the $_CCFG[_PKG_PATH_DBSE] variable.

5CVSS6.6AI score0.05605EPSS

CVE•added 2005/12/14 11:3 a.m.•74 views

CVE-2005-4213

SQL injection vulnerability in mod.php in phpCOIN 1.2.2 allows remote attackers to execute arbitrary SQL commands via the phpcoinsessid cookie.

7.5CVSS8.4AI score0.01602EPSS