Vulnerabilities > Phprpg

DATE	CVE	VULNERABILITY TITLE	RISK
2007-12-20	CVE-2007-6484	SQL Injection vulnerability in PHPrpg 0.8 SQL injection vulnerability in index.php in phpRPG 0.8 allows remote attackers to execute arbitrary SQL commands via the password parameter. network phprpg CWE-89	6.8
2007-12-20	CVE-2007-6470	Permissions, Privileges, and Access Controls vulnerability in PHPrpg 0.8 phpRPG 0.8 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read session ID values in files under tmp/, and then hijack sessions via PHPSESSID cookies. network low complexity phprpg CWE-264	6.4
2007-12-20	CVE-2007-6469	SQL Injection vulnerability in PHPrpg 0.8 SQL injection vulnerability in index.php in phpRPG 0.8, when magic_qutoes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. network phprpg CWE-89 critical	9.3

Vulnerabilities > Phprpg {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Phprpg"}]}