cbcvebase.

Idevspot Phplinkexchange vulnerabilities

4 known vulnerabilities affecting idevspot/phplinkexchange.

Total CVEs
4
CISA KEV
0
Public exploits
4
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2006-4741P3HIGHCVSS 7.5PoCv1.02006-09-13
CVE-2006-4741 [HIGH] CVE-2006-4741: PHP remote file inclusion vulnerability in bits_listings.php in IDevSpot PhpLinkExchange 1.0 allows PHP remote file inclusion vulnerability in bits_listings.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to execute arbitrary code via the svr_rootPhpStart parameter.
nvd
CVE-2006-3777P3HIGHCVSS 7.5PoCv1.02006-07-24
CVE-2006-3777 [HIGH] CWE-94 CVE-2006-3777: PHP remote file inclusion vulnerability in index.php in IDevSpot PhpLinkExchange 1.0 allows remote a PHP remote file inclusion vulnerability in index.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.
nvd
CVE-2008-3679P4MEDIUMCVSS 4.3PoCv1.012008-08-14
CVE-2008-3679 [MEDIUM] CWE-79 CVE-2008-3679: Multiple cross-site scripting (XSS) vulnerabilities in index.php in IDevSpot PhpLinkExchange 1.01 al Multiple cross-site scripting (XSS) vulnerabilities in index.php in IDevSpot PhpLinkExchange 1.01 allow remote attackers to inject arbitrary web script or HTML via the catid parameter in a (1) user_add, (2) recip, (3) tellafriend, or (4) contact action, or (5) in a request without an action; or (6) the id parameter in a tellafriend action. NOTE: the pr
nvd
CVE-2006-4742P4MEDIUMCVSS 4.3PoCv1.02006-09-13
CVE-2006-4742 [MEDIUM] CVE-2006-4742: Cross-site scripting (XSS) vulnerability in user_add.php in IDevSpot PhpLinkExchange 1.0 allows remo Cross-site scripting (XSS) vulnerability in user_add.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
nvd
Idevspot Phplinkexchange vulnerabilities | cvebase