Vulnerabilities > Phpf1

DATE	CVE	VULNERABILITY TITLE	RISK
2010-01-26	CVE-2010-0390	Unspecified vulnerability in PHPf1 Max'S Image Uploader 1.0 Unrestricted file upload vulnerability in maxImageUpload/index.php in PHP F1 Max's Image Uploader 1.0, when Apache is not configured to handle the mime-type for files with pjpeg or jpeg extensions, allows remote attackers to execute arbitrary code by uploading a file with a pjpeg or jpeg extension, then accessing it via a direct request to the file in original/. network phpf1	6.8
2009-03-02	CVE-2008-6359	Cross-Site Scripting vulnerability in PHPf1 Max'S Guestbook Cross-site scripting (XSS) vulnerability in index.php in Max's Guestbook allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) email, and (3) message parameters. network phpf1 CWE-79	4.3

Vulnerabilities > Phpf1 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Phpf1"}]}