Vulnerabilities > Coinsoft Technologies

DATE	CVE	VULNERABILITY TITLE	RISK
2006-08-29	CVE-2006-4425	Remote Security vulnerability in Coinsoft Technologies PHPcoin 1.2.3 Multiple PHP remote file inclusion vulnerabilities in phpCOIN 1.2.3 allow remote attackers to execute arbitrary PHP code via the _CCFG[_PKG_PATH_INCL] parameter in coin_includes scripts including (1) api.php, (2) common.php, (3) core.php, (4) custom.php, (5) db.php, (6) redirect.php or (7) session_set.php. network high complexity coinsoft-technologies	5.1
2006-08-29	CVE-2006-4424	Remote File Include vulnerability in Coinsoft Technologies PHPcoin 1.2.3 PHP remote file inclusion vulnerability in coin_includes/constants.php in phpCOIN 1.2.3 allows remote attackers to execute arbitrary PHP code via the _CCFG[_PKG_PATH_INCL] parameter. network high complexity coinsoft-technologies	5.1
2006-05-17	CVE-2006-2422	Information Disclosure vulnerability in phpCOIN Email Address phpCOIN 1.2.3 and earlier stores messages based upon e-mail addresses, which allows remote authenticated users to read messages for other users by adding the sender's e-mail address as an "additional contact". network low complexity coinsoft-technologies	5.0
2006-03-28	CVE-2006-1428	Cross-Site Scripting vulnerability in phpCOIN Multiple cross-site scripting (XSS) vulnerabilities in phpCOIN 1.2.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the fs parameter to (1) mod.php or (2) mod_print.php. network coinsoft-technologies	4.3
2005-12-21	CVE-2005-4447	SQL-Injection vulnerability in phpCOIN SQL injection vulnerability in articles\articles_funcs.php in phpCOIN 1.2.2 allows remote attackers to modify SQL syntax and possibly execute SQL in limited circumstances via the rec_next parameter. network low complexity coinsoft-technologies	7.5
2005-12-14	CVE-2005-4214	Information Exposure vulnerability in Coinsoft Technologies PHPcoin 1.2.2 phpCOIN 1.2.2 allows remote attackers to obtain the installation path via a direct request to config.php, which leaks the path in an error message because the _CCFG['_PKG_PATH_DBSE'] variable is not defined. network low complexity coinsoft-technologies CWE-200	5.0
2005-12-14	CVE-2005-4213	SQL Injection vulnerability in Coinsoft Technologies PHPcoin 1.2.2 SQL injection vulnerability in mod.php in phpCOIN 1.2.2 allows remote attackers to execute arbitrary SQL commands via the phpcoinsessid cookie. network low complexity coinsoft-technologies	7.5
2005-12-14	CVE-2005-4212	Unspecified vulnerability in Coinsoft Technologies PHPcoin 1.2.2 Directory traversal vulnerability in coin_includes/db.php in phpCOIN 1.2.2 allows remote attackers to read arbitrary local files via ".." (dot dot) sequences in the $_CCFG[_PKG_PATH_DBSE] variable. network low complexity coinsoft-technologies	5.0
2005-12-14	CVE-2005-4211	Unspecified vulnerability in Coinsoft Technologies PHPcoin 1.2.2 PHP remote file inclusion vulnerability in coin_includes/db.php in phpCOIN 1.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the $_CCFG[_PKG_PATH_DBSE] variable. network low complexity coinsoft-technologies	7.5
2005-05-03	CVE-2005-1384	SQL Injection vulnerability in PHPcoin 1.2/1.2.1/1.2.1B Multiple SQL injection vulnerabilities in phpCoin 1.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) search parameter to index.php, (2) phpcoinsessid parameter to login.php, (3) id, (4) dtopic_id, or (5) dcat_id to mod.php. network low complexity coinsoft-technologies	7.5

Vulnerabilities > Coinsoft Technologies {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Coinsoft Technologies"}]}

Vulnerabilities > Coinsoft Technologies