China-On-Site Flexphplink vulnerabilities
2 known vulnerabilities affecting china-on-site/flexphplink.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2008-6731P2CRITICALCVSS 9.3PoCv0.0.72009-04-20
CVE-2008-6731 [CRITICAL] CWE-20 CVE-2008-6731: Unrestricted file upload vulnerability in submitlink.php in FlexPHPLink Pro 0.0.7 allows remote atta
Unrestricted file upload vulnerability in submitlink.php in FlexPHPLink Pro 0.0.7 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the renamed file in linkphoto/.
nvd
CVE-2008-6730P3MEDIUMCVSS 6.8PoCv0.0.6v0.0.72009-04-20
CVE-2008-6730 [MEDIUM] CWE-89 CVE-2008-6730: Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPLink Pro 0.0.6 and 0.0.7, wh
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPLink Pro 0.0.6 and 0.0.7, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter (aka password field), to admin/index.php.
nvd