Hinton Design Phpstatus — known CVE vulnerabilities
Every CVE whose affected-product data names Hinton Design Phpstatus, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2006-0570 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in phpstatus 1.0, when gpc_magic_quotes is disabled, allow remote attackers to execute arbitrary SQL…
CVE-2006-0572 — CVSS 7.5 (high): phpstatus 1.0 does not require passwords when using cookies to identify a user, which allows remote attackers to bypass authentication.
CVE-2006-0571 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in phpstatus 1.0 allow remote attackers to inject arbitrary web script or HTML via…