Vulnerabilities > Phpprofiles

DATE	CVE	VULNERABILITY TITLE	RISK
2008-02-27	CVE-2008-1051	Code Injection vulnerability in PHPprofiles 4.5.2 PHP remote file inclusion vulnerability in include/body_comm.inc.php in phpProfiles 4.5.2 BETA allows remote attackers to execute arbitrary PHP code via a URL in the content parameter. network phpprofiles CWE-94	6.8
2006-12-26	CVE-2006-6744	Local Security vulnerability in PHPprofiles 2.1.0 phpProfiles before 2.1.1 does not have an index.php or other index file in the (1) image_data, (2) graphics/comm, or (3) users read/write directories, which might allow remote attackers to list directory contents or have other unknown impacts. local low complexity phpprofiles	2.1
2006-12-26	CVE-2006-6743	Local Security vulnerability in PHPprofiles 2.1.0 phpProfiles before 2.1.1 uses world writable permissions for certain profile files and directories, which allows local users to modify or delete files, related to (1) users/include/do_makeprofile.inc.php and (2) users/include/copy.inc.php. local low complexity phpprofiles	4.6
2006-11-01	CVE-2006-5634	Code Injection vulnerability in PHPprofiles Multiple PHP remote file inclusion vulnerabilities in phpProfiles 2.1 Beta allow remote attackers to execute arbitrary PHP code via a URL in the (1) reqpath parameter to (a) body.inc.php and (b) body_blog.inc.php in users/include/; or the (2) usrinc parameter in users/include/upload_ht.inc.php. network phpprofiles CWE-94	6.8

Vulnerabilities > Phpprofiles {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Phpprofiles"}]}