Lucene search
K
IdevspotPhphostbot

4 matches found

CVE
CVE
added 2007/08/08 10:0 p.m.68 views

CVE-2007-4231

CVE-2007-4231 describes a PHP remote file inclusion in the IDevSpot PhpHostBot line (1.06 and earlier). The vulnerability is triggered in order/login.php via a URL parameter (svr_rootscript), allowing an attacker to execute arbitrary PHP code on affected installations. The entry notes this as a d...

6.8CVSS7.4AI score0.03577EPSS
Web
CVE
CVE
added 2006/07/21 6:0 p.m.48 views

CVE-2006-3776

CVE-2006-3776 affects IDevSpot PhpHostBot (version 1.0) and AutoHost (version 3.0). It is a PHP remote file inclusion vulnerability in order/index.php that allows remote attackers to execute arbitrary PHP code by supplying a URL in the page parameter. The underlying issue is a crafted URL-based i...

7.5CVSS7.4AI score0.03229EPSS
Web
CVE
CVE
added 2007/07/30 8:0 p.m.48 views

CVE-2007-4094

CVE-2007-4094 affects IDevSpot PhpHostBot (library/authorize.php). The vulnerability allows remote attackers to execute arbitrary PHP code via a URL supplied in the login_form parameter, representing a remote file inclusion in this component. This is described as a different vector from CVE-2006-...

7.5CVSS7.4AI score0.01697EPSS
Web
CVE
CVE
added 2011/09/24 12:0 a.m.38 views

CVE-2011-3779

CVE-2011-3779 affects PhpHostBot 2.0. Affected: PhpHostBot 2.0 installations where direct requests to certain .php files (e.g., admin/create_acct.php) reveal the installation path in an error message, enabling information disclosure. Impact is limited to partial confidentiality exposure; no explo...

5CVSS6.3AI score0.01229EPSS