pPIM
by Phlatline
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-4428 | 0.04 | — | 0.07 | Oct 3, 2008 | Unrestricted file upload vulnerability in upload.php in Phlatline's Personal Information Manager (pPIM) 1.0 and earlier allows remote attackers to execute arbitrary code by uploading a .php file, then accessing it via a direct request to the file in the top-level directory. | |||
| CVE-2008-4427 | 0.03 | — | 0.03 | Oct 3, 2008 | changepassword.php in Phlatline's Personal Information Manager (pPIM) 1.0 and earlier does not require administrative authentication, which allows remote attackers to change arbitrary passwords. |
- CVE-2008-4428Oct 3, 2008risk 0.04cvss —epss 0.07
Unrestricted file upload vulnerability in upload.php in Phlatline's Personal Information Manager (pPIM) 1.0 and earlier allows remote attackers to execute arbitrary code by uploading a .php file, then accessing it via a direct request to the file in the top-level directory.
- CVE-2008-4427Oct 3, 2008risk 0.03cvss —epss 0.03
changepassword.php in Phlatline's Personal Information Manager (pPIM) 1.0 and earlier does not require administrative authentication, which allows remote attackers to change arbitrary passwords.