VYPR
Vendor

Phpraider

Products
1
CVEs
10
Across products
10
Status
Private

Products

1

Recent CVEs

10
  • CVE-2006-3317Jun 29, 2006
    risk 0.04cvss epss 0.17

    PHP remote file inclusion vulnerability in phpRaid 3.0.6 allows remote attackers to execute arbitrary code via a URL in the phpraid_dir parameter to (1) announcements.php and (2) rss.php, a different set of vectors and affected versions than CVE-2006-3316 and CVE-2006-3116.

  • CVE-2008-2481May 28, 2008
    risk 0.03cvss epss 0.05

    PHP remote file inclusion vulnerability in authentication/phpbb3/phpbb3.functions.php in phpRaider 1.0.7 and 1.0.7a, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the pConfig_auth[phpbb_path] parameter.

  • CVE-2006-3116Jun 29, 2006
    risk 0.01cvss epss 0.07

    Multiple PHP remote file inclusion vulnerabilities in phpRaid 3.0.4 and 3.0.5 allow remote attackers to execute arbitrary code via a URL in the phpraid_dir parameter to (1) configuration.php, (3) guilds.php, (4) index.php, (5) locations.php, (6) login.php, (7) lua_output.php,…

  • CVE-2008-7035Aug 24, 2009
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in an unspecified component in Simple Machines phpRaider 1.0.7 allows remote attackers to inject arbitrary web script or HTML via the resistance field. NOTE: the provenance of this information is unknown; the details are obtained solely…

  • CVE-2008-2769Jun 18, 2008
    risk 0.00cvss epss 0.01

    PHP remote file inclusion vulnerability in authentication/smf/smf.functions.php in Simple Machines phpRaider 1.0.6 and 1.0.7 allows remote attackers to execute arbitrary PHP code via a URL in the pConfig_auth[smf_path] parameter.

  • CVE-2007-3415Jun 26, 2007
    risk 0.00cvss epss 0.01

    Multiple SQL injection vulnerabilities in index.php in phpRaider 1.0.0 rc8 allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) type parameter.

  • CVE-2006-3322Jun 30, 2006
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in includes/functions_logging.php in phpRaid 3.0.5, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the log_hack function.

  • CVE-2006-3318Jun 29, 2006
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in register.php for phpRaid 3.0.6 and possibly other versions, when the authorization type is phpraid, allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) email parameters.

  • CVE-2006-3115Jun 29, 2006
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in view.php in phpRaid 3.0.4, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the raid_id parameter.

  • CVE-2006-2610May 26, 2006
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in view.php in phpRaid 2.9.5 allows remote attackers to inject arbitrary web script or HTML via the (1) URL query string and the (2) Sort parameter.