Phpee Pphlogger vulnerabilities
2 known vulnerabilities affecting phpee/pphlogger.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2009-4253P4MEDIUMCVSS 4.3PoCv2.2.52009-12-10
CVE-2009-4253 [MEDIUM] CWE-79 CVE-2009-4253: Cross-site scripting (XSS) vulnerability in dspStats.php in PowerPhlogger 2.2.5 allows remote attack
Cross-site scripting (XSS) vulnerability in dspStats.php in PowerPhlogger 2.2.5 allows remote attackers to inject arbitrary web script or HTML via the edit parameter.
nvd
CVE-2009-4254P4MEDIUMCVSS 5.0v2.2.52009-12-10
CVE-2009-4254 [MEDIUM] CWE-200 CVE-2009-4254: PowerPhlogger 2.2.5 allows remote attackers to obtain sensitive information via a direct request to
PowerPhlogger 2.2.5 allows remote attackers to obtain sensitive information via a direct request to (1) edCss.inc.php, (2) foot.inc.php, (3) get_csscolors.inc.php, (4) head.inc.php, (5) head_stuff.inc.php, (6) loglist.inc.php, and (7) pphlogger_send.inc.php in include/, which reveals the installation path in an error message.
nvd