NotCVE - vendor:"Phpwcms" product:"Phpwcms" version:"1.2.5

Page 3 of 13 results (0.002 seconds)

CVSS: 2.6EPSS: 1%CPEs: 1EXPL: 1

CVE-2006-2518

https://notcve.org/view.php?id=CVE-2006-2518

Cross-site scripting (XSS) vulnerability in phpwcms 1.2.5-DEV allows remote attackers to inject arbitrary web script or HTML via the BL[be_cnt_plainhtml] parameter to include/inc_tmpl/content/cnt6.inc.php. • http://secunia.com/advisories/20239 http://securityreason.com/securityalert/939 http://www.kapda.ir/advisory-331.html http://www.securityfocus.com/archive/1/434706/100/0/threaded http://www.securityfocus.com/bid/18063 http://www.vupen.com/english/advisories/2006/1934 https://exchange.xforce.ibmcloud.com/vulnerabilities/26638 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 2

CVE-2005-3790 – PHPWCMS 1.2.5 -DEV - Multiple Cross-Site Scripting Vulnerabilities

https://notcve.org/view.php?id=CVE-2005-3790

Multiple cross-site scripting (XSS) vulnerabilities in act_newsletter.php in phpwcms 1.2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) i and (2) text parameters. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en act_newsletter.php de phpwcms 1.2.5 permiten a atacantes remotos inyectar 'script' web arbitrario o HTML mediante los parámetros (1) "i" y (2) "text". • https://www.exploit-db.com/exploits/26514 http://marc.info/?l=bugtraq&m=113207712719472&w=2 http://secunia.com/advisories/17590 http://securityreason.com/securityalert/182 http://www.securityfocus.com/bid/15440 http://www.vupen.com/english/advisories/2005/2452 •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 3

CVE-2005-3789 – PHPWCMS 1.2.5 -DEV - 'imgdir' Traversal Arbitrary File Access

https://notcve.org/view.php?id=CVE-2005-3789

Multiple directory traversal vulnerabilities in phpwcms 1.2.5 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) form_lang parameter in login.php and (2) the imgdir parameter in random_image.php. Múltiples vulnerabilidades de atravesamiento de directorios en phpwcms 1.2.5 permite a atacantes remotos leer ficheros arbitrarios mediante un .. (punto punto) en (1) el parámetro "form_lang" de login.php y (2) el parámetro "imgdir" de randon_image.php. • https://www.exploit-db.com/exploits/26513 https://www.exploit-db.com/exploits/26512 http://marc.info/?l=bugtraq&m=113207712719472&w=2 http://secunia.com/advisories/17590 http://www.securityfocus.com/bid/15436 http://www.vupen.com/english/advisories/2005/2452 •

1 2 3