Exoscripts Exophpdesk vulnerabilities
2 known vulnerabilities affecting exoscripts/exophpdesk.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2008-6917P3HIGHCVSS 7.5PoCv1.22009-08-07
CVE-2008-6917 [HIGH] CWE-89 CVE-2008-6917: SQL injection vulnerability in admin.php in Exocrew ExoPHPDesk 1.2 Final allows remote attackers to
SQL injection vulnerability in admin.php in Exocrew ExoPHPDesk 1.2 Final allows remote attackers to execute arbitrary SQL commands via the username (user parameter).
nvd
CVE-2011-3736P4MEDIUMCVSS 5.0v1.2.12011-09-23
CVE-2011-3736 [MEDIUM] CWE-200 CVE-2011-3736: ExoPHPDesk 1.2.1 allows remote attackers to obtain sensitive information via a direct request to a .
ExoPHPDesk 1.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by upgrades/upgrade9.php and certain other files.
nvd