VYPR

Powerphlogger

by Powerphlogger

CVEs (5)

  • CVE-2002-1885Dec 31, 2002
    risk 0.04cvss epss 0.07

    PHP remote file inclusion vulnerability in showhits.php3 for PowerPhlogger (PPhlogger) 2.0.9 through 2.2.2 allows remote attackers to execute arbitrary PHP code via the rel_path parameter.

  • CVE-2009-4253Dec 10, 2009
    risk 0.03cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in dspStats.php in PowerPhlogger 2.2.5 allows remote attackers to inject arbitrary web script or HTML via the edit parameter.

  • CVE-2008-2562Jun 6, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in edCss.php in PowerPhlogger 2.2.5 and earlier allows remote authenticated users to execute arbitrary SQL commands via the css_str parameter in an edit action.

  • CVE-2006-7106Mar 3, 2007
    risk 0.03cvss epss 0.02

    PHP remote file inclusion vulnerability in config.inc.php3 in Power Phlogger 2.0.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rel_path parameter.

  • CVE-2007-3399Jun 26, 2007
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in include/get_userdata.php in Power Phlogger (PPhlogger) 2.2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to login.php.