profilephp software vulnerabilities
vulnerabilities.aspcode.net
Searching profilephp software vulnerabilities
Multiple cross-site scripting (XSS) vulnerabili
cross-site
|
scripting
|
Multiple
|
Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.1 through 5.0.3 beta allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP_REFERER parameter to login.php, (2) HTTP_REFERER parameter to register.php, or (3) target parameter to profile.php.
Multiple cross-site scripting (XSS) vulnerabili
cross-site
|
scripting
|
Multiple
|
Multiple cross-site scripting (XSS) vulnerabilities in PhpAuction 2.5 allow remote attackers to inject arbitrary web script or HTML via the lan parameter to(1) index.php or (2) admin/index.php, or (3) the auction_id parameter to profile.php. NOTE: there is evidence that viewnews.php and login.php may not be part of the PhpAuction product, so they are not included in this description.
** DISPUTED ** Multiple SQL injection vulnerab
vulnerabilities
|
arbitrary
|
attackers
|
injection
|
Multiple
|
commands
|
DISPUTED
|
execute
|
remote
|
allow
|
OvBB
|
008a
|
via
|
SQL
|
** DISPUTED ** Multiple SQL injection vulnerabilities in OvBB 0.08a allow remote attackers to execute arbitrary SQL commands via the (1) threadid parameter to thread.php and (2) userid parameter to profile.php. NOTE: the vendor disputes these issues, saying "these reports are completely unsubstantial."
Directory traversal vulnerability in TinyPHPFor
vulnerability
|
TinyPHPForum
|
demonstrated
|
Directory
|
attackers
|
traversal
|
account
|
earlier
|
profile
|
create
|
remote
|
allows
|
topic
|
user
|
view
|
via
|
new
|
Directory traversal vulnerability in TinyPHPForum 3.6 and earlier allows remote attackers to create a new user account, create a new topic, or view the profile of a user account, as demonstrated via a .. (dot dot) in the uname parameter to profile.php.
Multiple SQL injection vulnerabilities in RedCM
vulnerabilities
|
arbitrary
|
injection
|
attackers
|
commands
|
Multiple
|
execute
|
RedCMS
|
remote
|
allow
|
via
|
SQL
|
Multiple SQL injection vulnerabilities in RedCMS 0.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters to (a) login.php or (b) register.php; or (3) u parameter to (c) profile.php.
Multiple SQL injection vulnerabilities in Simpl
vulnerabilities
|
arbitrary
|
injection
|
attackers
|
parameter
|
commands
|
Multiple
|
username
|
execute
|
remote
|
before
|
Simple
|
Forum
|
allow
|
SQL
|
PHP
|
via
|
Multiple SQL injection vulnerabilities in Simple PHP Forum before 0.4 allow remote attackers to execute arbitrary SQL commands via the username parameter to (1) logon_user.php and (2) update_profile.php.
Software vulnerabilities results 1 to 7 of 7
Page:
1