Linpha

Linpha

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2014-7265

  • EPSS 0.25%
  • Veröffentlicht 12.12.2014 11:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in LinPHA allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

5

CVE-2011-3753

Exploit
  • EPSS 0.28%
  • Veröffentlicht 23.09.2011 23:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

LinPHA 1.3.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by viewer.php and certain other files.

4.3

CVE-2008-7223

  • EPSS 0.36%
  • Veröffentlicht 14.09.2009 14:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.3.3 allow remote attackers to inject arbitrary web script or HTML via (1) ftp/index.php, (2) viewer.php, (3) functions/other.php, (4) include/left_menu.class.php, or (5) plugins/s...

4.3

CVE-2008-6571

  • EPSS 0.36%
  • Veröffentlicht 31.03.2009 17:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.3.4 might allow remote attackers to inject arbitrary web script or HTML via (1) new_images.php, (2) login.php, and unspecified vectors.

5.1

CVE-2008-1856

  • EPSS 4.02%
  • Veröffentlicht 16.04.2008 19:05:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

plugins/maps/db_handler.php in LinPHA 1.3.3 and earlier does not require authentication for a settings action that modifies the configuration file, which allows remote attackers to conduct directory traversal attacks and execute arbitrary local files...

4.3

CVE-2008-1487

  • EPSS 0.3%
  • Veröffentlicht 24.03.2008 23:44:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.3.3 allow remote attackers to inject arbitrary web script or HTML via (1) ftp/index.php, (2) viewer.php, (3) functions/other.php, (4) include/left_menu.class.php, and (5) plugins/...

7.5

CVE-2007-4053

  • EPSS 1.05%
  • Veröffentlicht 30.07.2007 17:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

SQL injection vulnerability in include/img_view.class.php in LinPHA 1.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the order parameter to new_images.php.

5.8

CVE-2006-1923

  • EPSS 0.53%
  • Veröffentlicht 20.04.2006 18:06:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.1.1 allow remote attackers to inject arbitrary web script or HTML via (1) RSS/RSS.php and (2) possibly other vectors.

6.4

CVE-2006-1924

  • EPSS 0.5%
  • Veröffentlicht 20.04.2006 18:06:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

SQL injection vulnerability in functions/db_api.php in LinPHA 1.1.1 allows remote attackers to execute arbitrary SQL commands via unknown vectors.

2.6

CVE-2006-1848

Exploit
  • EPSS 0.67%
  • Veröffentlicht 19.04.2006 16:06:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Multiple cross-site scripting (XSS) vulnerabilities in stats_view.php in LinPHA 1.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) date_from, (2) date_to, and (3) date parameter.