Lucene search
K
PhpfaberTopsites

4 matches found

CVE
CVE
added 2006/07/27 10:0 p.m.55 views

CVE-2006-3902

CVE-2006-3902 is an XSS vulnerability in phpFaber TopSites 2.0.9 where the i_cat parameter of index.php can be exploited to inject arbitrary web script or HTML. The description notes that the vulnerability arises from the input handling in the i_cat parameter; no further details on the root cause...

4.3CVSS5.8AI score0.00923EPSS
CVE
CVE
added 2006/04/20 10:0 a.m.52 views

CVE-2006-1878

CVE-2006-1878 affects phpFaber TopSites: a cross-site scripting (XSS) vulnerability in index.php, exploitable via the page parameter to inject arbitrary web script or HTML. The provided sources describe the vulnerability but do not specify affected product versions, exact root cause beyond unsani...

2.6CVSS5.7AI score0.02166EPSS
CVE
CVE
added 2007/04/19 10:0 a.m.49 views

CVE-2007-2155

CVE-2007-2155 affects phpFaber TopSites 3. A directory traversal vulnerability in template.php (modify parameter in a template action to admin/index.php) allows remote attackers to read arbitrary files via .. traversal. This is a network-accessible issue with low attack complexity and no authenti...

7.8CVSS6.7AI score0.02853EPSS
Web
CVE
CVE
added 2006/07/21 5:0 p.m.38 views

CVE-2006-3770

The CVE-2006-3770 entry covers multiple SQL injection flaws in phpFaber TopSites (index.php) affecting version 2.0.9 and earlier. The underlying issue is unsecured handling of the (1) i_cat and (2) method parameters, enabling remote attackers to alter SQL queries and potentially compromise data. ...

7.5CVSS8.9AI score0.01692EPSS