CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Phpwebthings: >> Phpwebthings >> 1.4.4 Security Vulnerabilities

CVE-2009-2147

SQL injection vulnerability in fdown.php in phpWebThings 1.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

CVSS Score

7.5

EPSS Score

0.004

Published

2009-06-22

CVE-2005-3676

SQL injection vulnerability in download.php in PhpWebThings 1.4.4 allows remote attackers to execute arbitrary SQL commands via the file parameter.

CVSS Score

7.5

EPSS Score

0.004

Published

2005-11-18

CVE-2005-3584

Cross-site scripting (XSS) vulnerability in forum.php in PhpWebThings 1.4.4 allows remote attackers to inject arbitrary web script or HTML via the forum parameter.

CVSS Score

4.3

EPSS Score

0.004

Published

2005-11-16

CVE-2005-3585

SQL injection vulnerability in forum.php in PhpWebThings 1.4.4 allows remote attackers to execute arbitrary SQL commands via the forum parameter.

CVSS Score

7.5

EPSS Score

0.011

Published

2005-11-16

Page 1

Vulnerabilities

Vulnerable Software

Phpwebthings: >> Phpwebthings >> 1.4.4 Security Vulnerabilities

Products

Pricing

Contact Us