Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
Phpwhois ProjectPhpwhois

3 matches found

CVE
CVEadded 2018/08/20 9:0 p.m.50 views

CVE-2015-5243

CVE-2015-5243 affects phpWhois and several forks. The vulnerability arises from the generic_parser_b in the WHOIS data parser, which builds PHP statements and passes them to eval, allowing arbitrary code execution when processing crafted WHOIS records. Impact is remote code execution via manipula...

9.8CVSS9.4AI score0.06195EPSS
CVE
CVEadded 2017/05/17 2:0 p.m.45 views

CVE-2015-3998

phpwhois version 4.2.5 used in the WordPress adsense-click-fraud-monitoring plugin version 1.7.5 is documented to have a cross-site scripting (XSS) vulnerability. An attacker can inject arbitrary script or HTML via the query parameter to whois.php. The linked reports confirm the affected componen...

6.1CVSS6AI score0.01117EPSS
CVE
CVEadded 2021/11/29 11:33 a.m.40 views

CVE-2021-43698

The CVE-2021-43698 entry concerns phpWhois (a PHP Whois library). The vulnerability is a Cross-Site Scripting (XSS) flaw in the example.php file, where the exit() path prints a user-visible message that includes $_GET['query'], enabling injection. Affected component/function: example.php within p...

6.1CVSS5.8AI score0.00608EPSS