Pwsphp Security Vulnerabilities and Issues — Pwsphp CVE List

Lucene search

PwsphpPwsphp

5 matches found

CVE•added 2005/05/11 4:0 a.m.•43 views

CVE-2005-1509

SQL injection vulnerability in profil.php in PwsPHP 1.2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5CVSS8.4AI score0.00619EPSS

CVE•added 2005/05/11 4:0 a.m.•40 views

CVE-2005-1512

The Admin panel in PwsPHP 1.2.2 does not properly verify uploaded picture files, which allows remote attackers to upload and possibly execute arbitrary files.

7.5CVSS7.8AI score0.00741EPSS

CVE•added 2005/05/11 4:0 a.m.•37 views

CVE-2005-1508

Multiple cross-site scripting (XSS) vulnerabilities in PwsPHP 1.2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) month or (2) annee parameters to the news module, (3) nbractif or (4) annee parameters to the stats module, (5) id parameter to profil.php, (6) mb_lettre or ...

6.8CVSS5.8AI score0.02467EPSS

CVE•added 2005/05/11 4:0 a.m.•35 views

CVE-2005-1511

PwsPHP 1.2.2 allows remote attackers to bypass authentication and post arbitrary comments via the Pseudo cookie.

7.5CVSS7.5AI score0.00644EPSS

CVE•added 2005/05/11 4:0 a.m.•32 views

CVE-2005-1510

PwsPHP 1.2.2 allows remote attackers to obtain sensitive information via a direct request to the admin directory, which reveals the path in an error message.

7.5CVSS6.5AI score0.00717EPSS