Shodan
Vulnerabilities
Vulnerable Software
Linpha:  Security Vulnerabilities
CVE-2014-7265
Cross-site scripting (XSS) vulnerability in LinPHA allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.002
Published
2014-12-12
CVE-2011-3753
LinPHA 1.3.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by viewer.php and certain other files.
CVSS Score
5.0
EPSS Score
0.003
Published
2011-09-23
CVE-2008-7223
Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.3.3 allow remote attackers to inject arbitrary web script or HTML via (1) ftp/index.php, (2) viewer.php, (3) functions/other.php, (4) include/left_menu.class.php, or (5) plugins/stats/stats_view.php.
CVSS Score
4.3
EPSS Score
0.004
Published
2009-09-14
CVE-2008-6571
Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.3.4 might allow remote attackers to inject arbitrary web script or HTML via (1) new_images.php, (2) login.php, and unspecified vectors.
CVSS Score
4.3
EPSS Score
0.004
Published
2009-03-31
CVE-2008-1856
plugins/maps/db_handler.php in LinPHA 1.3.3 and earlier does not require authentication for a settings action that modifies the configuration file, which allows remote attackers to conduct directory traversal attacks and execute arbitrary local files by placing directory traversal sequences into the maps_type configuration setting, and then sending a request to maps_view.php, which causes plugins/maps/map.main.class.php to use the modified configuration.
CVSS Score
5.1
EPSS Score
0.034
Published
2008-04-16
CVE-2008-1487
Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.3.3 allow remote attackers to inject arbitrary web script or HTML via (1) ftp/index.php, (2) viewer.php, (3) functions/other.php, (4) include/left_menu.class.php, and (5) plugins/stats/stats_view.php.
CVSS Score
4.3
EPSS Score
0.003
Published
2008-03-24
CVE-2007-4053
SQL injection vulnerability in include/img_view.class.php in LinPHA 1.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the order parameter to new_images.php.
CVSS Score
7.5
EPSS Score
0.01
Published
2007-07-30
CVE-2006-1923
Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.1.1 allow remote attackers to inject arbitrary web script or HTML via (1) RSS/RSS.php and (2) possibly other vectors.
CVSS Score
5.8
EPSS Score
0.005
Published
2006-04-20
CVE-2006-1924
SQL injection vulnerability in functions/db_api.php in LinPHA 1.1.1 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVSS Score
6.4
EPSS Score
0.005
Published
2006-04-20
CVE-2006-1848
Multiple cross-site scripting (XSS) vulnerabilities in stats_view.php in LinPHA 1.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) date_from, (2) date_to, and (3) date parameter.
CVSS Score
2.6
EPSS Score
0.007
Published
2006-04-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved