Vulnerabilities > Phpwebthings > Phpwebthings > 1.4.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-06-22 | CVE-2009-2147 | SQL Injection vulnerability in PHPwebthings SQL injection vulnerability in fdown.php in phpWebThings 1.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2005-11-18 | CVE-2005-3676 | Unspecified vulnerability in PHPwebthings 1.4.4 SQL injection vulnerability in download.php in PhpWebThings 1.4.4 allows remote attackers to execute arbitrary SQL commands via the file parameter. | 7.5 |
| 2005-11-16 | CVE-2005-3585 | SQL Injection vulnerability in PHPwebthings 1.4.4 SQL injection vulnerability in forum.php in PhpWebThings 1.4.4 allows remote attackers to execute arbitrary SQL commands via the forum parameter. | 7.5 |
| 2005-11-16 | CVE-2005-3584 | Cross-Site Scripting vulnerability in PHPwebthings 1.4.4 Cross-site scripting (XSS) vulnerability in forum.php in PhpWebThings 1.4.4 allows remote attackers to inject arbitrary web script or HTML via the forum parameter. network phpwebthings | 4.3 |