Papipsycho

#13911of 53,630
19.3Total CVSS
Vulnerabilities · 3
Medium
1
High
2
PT-2006-1986
7.5
2006-03-01
Pwsphp · Pwsphp · CVE-2006-0943
**Name of the Vulnerable Software and Affected Versions** PwsPHP version 1.2.3 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter to the "index.php" endpoint. **Recommendations** For PwsPHP version 1.2.3, consider restricting access to the `id` parameter in the "index.php" endpoint until a patch is available. As a temporary workaround, avoid using the `id` parameter in the affected endpoint to minimize the risk of exploitation.
PT-2005-4232
4.3
2005-11-02
Nuked Klan · Nuked-Klan · CVE-2005-3436
**Name of the Vulnerable Software and Affected Versions** Nuked-Klan version 1.7 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via certain modules and fields, including the Search module, edit fields in Guestbook, the title in the Forum module, and Textbox. This could potentially lead to unauthorized actions on the affected web application. **Recommendations** For Nuked-Klan version 1.7, consider disabling the Search module, restricting access to edit fields in Guestbook, limiting input in the title field of the Forum module, and avoiding the use of the Textbox until a fix is available. As a temporary workaround, restrict user input to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2005-4116
7.5
2005-10-25
Unknown · Nuked-Klan · CVE-2005-3305
**Name of the Vulnerable Software and Affected Versions** Nuked Klan version 1.7 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via several parameters in different files, including the `forum id` or `thread id` parameter in the Forum file, the `link id` in the Links file, the `artid` parameter in the Sections file, and the `dl id` parameter in the Download file. **Recommendations** For Nuked Klan version 1.7, consider restricting access to the Forum, Links, Sections, and Download files until a patch is available. As a temporary workaround, avoid using the parameters `forum id`, `thread id`, `link id`, `artid`, and `dl id` in their respective files to minimize the risk of exploitation.