Every CVE whose affected-product data names Phpadsnew, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2001-1054 — CVSS 7.5 (high): PHPAdsNew PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir…
CVE-2005-2636 — CVSS 7.5 (high): SQL injection vulnerability in lib-view-direct.inc.php in phpAdsNew and phpPgAds before 2.0.6 allows remote attackers to execute arbitrary…
CVE-2005-3646 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in lib-sessions.inc.php in phpAdsNew and phpPgAds 2.0.6 and possibly earlier versions allow remote…
CVE-2006-3984 — CVSS 7.5 (high): PHP remote file inclusion vulnerability in phpAdsNew/view.inc.php in Albasoftware Phpauction 2.1 and possibly later versions, with…
CVE-2006-6415 — CVSS 7.5 (high): PHP remote file inclusion vulnerability in admin/lib-maintenance.inc.php in phpAdsNew 2.0.4-pr2 allows remote attackers to execute…
CVE-2005-2635 — CVSS 5.0 (medium): Multiple directory traversal vulnerabilities in phpAdsNew and phpPgAds before 2.0.6 allow remote attackers to include arbitrary files via a…
CVE-2005-3645 — CVSS 5.0 (medium): phpAdsNew and phpPgAds 2.0.6 and possibly earlier versions allows remote attackers to obtain the application installation path and other…
CVE-2006-5437 — CVSS 5.0 (medium): Directory traversal vulnerability in upgrade.php in phpAdsNew 2.0.8 allows remote attackers to read arbitrary files via a .. (dot dot) in…
CVE-2005-0790 — CVSS 5.0 (medium): phpAdsNew 2.0.4 allows remote attackers to obtain sensitive information via a direct request to (1) lib-xmlrpcs.inc.php, (2)…
CVE-2005-3791 — CVSS 5.0 (medium): HTTP response splitting vulnerability in phpAdsNew and phpPgAds 2.0.6 and earlier allows remote attackers to inject arbitrary HTML headers…
CVE-2006-1397 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in (a) phpAdsNew and (b) phpPgAds before 2.0.8 allow remote attackers to inject…
CVE-2006-5515 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in lib-history.inc.php in phpAdsNew and phpPgAds before 2.0.8-pr1 allows remote attackers to…