Pafiledb Security Vulnerabilities and Issues — Pafiledb CVE List

Lucene search

Php ArenaPafiledb

5 matches found

CVE•added 2005/06/20 4:0 a.m.•41 views

CVE-2005-2001

Directory traversal vulnerability in pafiledb.php in paFileDB 3.1 and earlier allows remote attackers to include arbitrary files via a .. (dot dot) in the action parameter.

5CVSS7.1AI score0.00539EPSS

CVE•added 2005/06/28 4:0 a.m.•40 views

CVE-2002-1929

Cross-site scripting (XSS) vulnerability in pafiledb.php in PHP Arena paFileDB 1.1.3 through 3.0 allows remote attackers to inject arbitrary web script or HTML via the query string in the (1) rate, (2) email, or (3) download actions.

4.3CVSS6AI score0.0076EPSS

CVE•added 2005/06/20 4:0 a.m.•36 views

CVE-2005-1999

Multiple cross-site scripting (XSS) vulnerabilities in pafiledb.php in paFileDB 3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) sortby or (2) filelist parameters to the category action (category.php), or (3) pages parameter in the viewall action (viewall.php).

4.3CVSS6AI score0.00409EPSS

CVE•added 2005/06/20 4:0 a.m.•34 views

CVE-2005-2000

Multiple SQL injection vulnerabilities in paFileDB 3.1 and earlier allow remote attackers to execute arbitrary SQL commands via the formname parameter (1) in the login form, (2) in the team login form, or (3) to auth.php, (4) select, (5) id, or (6) query parameter to pafiledb.php, or (7) string par...

7.5CVSS8.5AI score0.00642EPSS

CVE•added 2005/06/28 4:0 a.m.•32 views

CVE-2002-1931

Cross-site scripting (XSS) vulnerability in PHP Arena paFileDB 1.1.3 and 2.1.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the search string.

4.3CVSS5.8AI score0.00346EPSS