Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-5460 | 1 Hinton Design | 1 Phpht Topsites | 2024-11-21 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Hinton Design phpht Topsites allow remote attackers to execute arbitrary PHP code via a URL in the phpht_real_path parameter to (1) index.php, (2) certain other scripts in the top-level directory, and (3) certain scripts in the admin/ directory. NOTE: CVE disputes this vulnerability because $phpht_real_path is defined before use in index.php and most other files except common.php, which is already covered by CVE-2006-5458 | |||||
| CVE-2006-5458 | 1 Hinton Design | 1 Phpht Topsites | 2024-11-21 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in common.php in Hinton Design phpht Topsites allows remote attackers to execute arbitrary PHP code via a URL in the phpht_real_path parameter. | |||||
| CVE-2006-0655 | 1 Hinton Design | 1 Phpht Topsites | 2024-11-21 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in (1) link_edited.php and (2) link_added.php in Hinton Design phpht Topsites 1.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2006-0654 | 1 Hinton Design | 1 Phpht Topsites | 2024-11-21 | 7.5 HIGH | N/A |
| check.php in Hinton Design phpht Topsites 1.3 does not validate passwords when using cookies, which allows remote attackers to bypass authentication via unspecified cookies. | |||||
| CVE-2006-0653 | 1 Hinton Design | 1 Phpht Topsites | 2024-11-21 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Hinton Design phpht Topsites 1.3 allow remote attackers to execute arbitrary SQL commands via multiple vectors including the username parameter. | |||||