VYPR
Vendor

Free PHP Scripts

Products
3
CVEs
7
Across products
9
Status
Private

Products

3

Recent CVEs

7
  • CVE-2007-1715Mar 27, 2007
    risk 0.03cvss epss 0.02

    PHP remote file inclusion vulnerability in frontpage.php in Free Image Hosting 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter. NOTE: the forgot_pass.php vector is already covered by CVE-2006-5670, and the login.php…

  • CVE-2006-5762Nov 6, 2006
    risk 0.03cvss epss 0.04

    PHP remote file inclusion vulnerability in forgot_pass.php in Free File Hosting 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter. NOTE: this issue was later reported for the "File Upload System" which is a component…

  • CVE-2006-5764Nov 6, 2006
    risk 0.03cvss epss 0.03

    PHP remote file inclusion vulnerability in contact.php in Free File Hosting 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from…

  • CVE-2006-5763Nov 6, 2006
    risk 0.03cvss epss 0.05

    Multiple PHP remote file inclusion vulnerabilities in Free File Hosting 1.1, and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter to (1) login.php, (2) register.php, or (3) send.php. …

  • CVE-2006-5670Nov 3, 2006
    risk 0.03cvss epss 0.03

    PHP remote file inclusion vulnerability in forgot_pass.php in Free Image Hosting 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter.

  • CVE-2007-2626May 11, 2007
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in admin.php in SchoolBoard allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. NOTE: CVE disputes this issue, because 'username' does not exist, and the password is not used in any queries

  • CVE-2006-5671Nov 3, 2006
    risk 0.00cvss epss 0.01

    PHP remote file inclusion vulnerability in contact.php in Free Image Hosting 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from…