Filtered by vendor Phpoutsourcing
Subscriptions
Total
23 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-5199 | 1 Phpoutsourcing | 1 Ideabox | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in include.php in PHPOutsourcing IdeaBox (aka IdeBox) 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the gorumDir parameter. | ||||
| CVE-2006-5431 | 1 Phpoutsourcing | 1 Zorum | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in gorum/dbproperty.php in PHPOutsourcing Zorum 3.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the appDirName parameter. | ||||
| CVE-2006-5293 | 1 Phpoutsourcing | 1 Noahs Classifieds | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in PhpOutsourcing Noah's Classifieds 1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the frommethod parameter. | ||||
| CVE-2006-1332 | 1 Phpoutsourcing | 1 Noahs Classifieds | 2025-04-03 | N/A |
| Noah's Classifieds 1.3 and earlier allows remote attackers to obtain sensitive information via an invalid list parameter in the showdetails method to index.php, which reveals the path in an error message. | ||||
| CVE-2006-0878 | 1 Phpoutsourcing | 1 Noahs Classifieds | 2025-04-03 | N/A |
| Noah's Classifieds 1.3 allows remote attackers to obtain the installation path via a direct request to include files, as demonstrated by classifieds/gorum/category.php. | ||||
| CVE-2005-0675 | 1 Phpoutsourcing | 1 Zorum | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.5 allows remote attackers to inject arbitrary web script or HTML via the (1) list or (2) frommethod parameters. | ||||
| CVE-2005-0677 | 1 Phpoutsourcing | 1 Zorum | 2025-04-03 | N/A |
| index.php for Zorum 3.5 allows remote attackers to perform certain actions as other users by modifying the id parameter. | ||||
| CVE-2006-0880 | 1 Phpoutsourcing | 1 Noahs Classifieds | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in Noah's Classifieds 1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) inf parameter; or, when register_globals is enabled, the (2) upperTemplate and (3) lowerTemplate parameters. | ||||
| CVE-2006-0882 | 1 Phpoutsourcing | 1 Noahs Classifieds | 2025-04-03 | N/A |
| Directory traversal vulnerability in include.php in Noah's Classifieds 1.3 allows remote attackers to include arbitrary local files via the otherTemplate parameter to index.php. | ||||
| CVE-2005-2980 | 1 Phpoutsourcing | 1 Noahs Classifieds | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in phpoutsourcing Noah's classifieds 1.3 allows remote attackers to inject arbitrary web script or HTML via the rollid parameter. | ||||
| CVE-2002-2350 | 1 Phpoutsourcing | 1 Zorum | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in z_user_show.php in dbtreelistproperty_method.php in Zorum 2.4 allows remote attackers to inject arbitrary web script or HTML via the class parameter. | ||||
| CVE-2003-1088 | 1 Phpoutsourcing | 1 Zorum | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.4 and 3.5 allows remote attackers to inject arbitrary web script or HTML via the method parameter. | ||||
| CVE-2003-1089 | 1 Phpoutsourcing | 1 Zorum | 2025-04-03 | N/A |
| index.php for Zorum 3.4 allows remote attackers to determine the full path of the web root via invalid parameter names, which reveals the path in a PHP error message. | ||||
| CVE-2005-0676 | 1 Phpoutsourcing | 1 Zorum | 2025-04-03 | N/A |
| index.php in Zorum 3.5 allows remote attackers to trigger an SQL error, and possibly inject arbitrary SQL commands, via the search capability. | ||||
| CVE-2005-2651 | 1 Phpoutsourcing | 1 Zorum | 2025-04-03 | N/A |
| gorum/prod.php in Zorum 3.5 allows remote attackers to execute arbitrary code via shell metacharacters in the argv parameter. | ||||
| CVE-2005-2979 | 1 Phpoutsourcing | 1 Noahs Classifieds | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in phpoutsourcing Noah's classifieds allows remote attackers to execute arbitrary SQL commands via the rollid parameter. | ||||
| CVE-2005-4619 | 1 Phpoutsourcing | 1 Zorum | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in phpoutsourcing Zorum Forum 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the rollid parameter in the showhtmllist method. | ||||
| CVE-2006-0879 | 1 Phpoutsourcing | 1 Noahs Classifieds | 2025-04-03 | N/A |
| SQL injection vulnerability in the search tool in Noah's Classifieds 1.3 allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors. | ||||
| CVE-2006-0881 | 1 Phpoutsourcing | 1 Noahs Classifieds | 2025-04-03 | N/A |
| Multiple PHP remote file include vulnerabilities in gorum/gorumlib.php in Noah's Classifieds 1.3, when register_globals is enabled, allow remote attackers to include arbitrary PHP files via the (1) upperTemplate and (2) lowerTemplate parameters, as demonstrated using the lowerTemplate parameter to index.php. | ||||
| CVE-2006-1331 | 1 Phpoutsourcing | 1 Noahs Classifieds | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in Noah's Classifieds 1.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) method or (2) list parameter. | ||||