Skip to main content

Phpvibe

4 CVEs product

Monthly

CVE-2024-39171 CRITICAL POC Act Now

Directory Travel in PHPVibe v11.0.46 due to incomplete blacklist checksums and directory checks, which can lead to code execution via writing specific statements to .htaccess and code to a file with. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Path Traversal Phpvibe
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.2%
CVE-2024-6083 MEDIUM This Month

A vulnerability, which was classified as critical, was found in PHPVibe 11.0.46. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP File Upload Phpvibe
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-6082 MEDIUM This Month

A vulnerability, which was classified as problematic, has been found in PHPVibe 11.0.46.global.php of the component Global Options Page. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Phpvibe
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.4%
CVE-2015-5399 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in PHPVibe before 4.21 allows remote authenticated users to inject arbitrary web script or HTML via a comment. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Phpvibe
NVD Exploit-DB
CVSS 3.0
5.4
EPSS
0.2%
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Directory Travel in PHPVibe v11.0.46 due to incomplete blacklist checksums and directory checks, which can lead to code execution via writing specific statements to .htaccess and code to a file with. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Path Traversal Phpvibe
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM This Month

A vulnerability, which was classified as critical, was found in PHPVibe 11.0.46. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP File Upload Phpvibe
NVD GitHub VulDB
EPSS 0% CVSS 5.1
MEDIUM This Month

A vulnerability, which was classified as problematic, has been found in PHPVibe 11.0.46.global.php of the component Global Options Page. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Phpvibe
NVD GitHub VulDB
EPSS 0% CVSS 5.4
MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in PHPVibe before 4.21 allows remote authenticated users to inject arbitrary web script or HTML via a comment. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Phpvibe
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy