John Finlay

Short Name: [None Entered]
Previous Names: [None Entered]
URL: http://phpgedview.sourceforge.net/ [visit link]
Email: [None Entered]
Security URL: [None Entered]
Security Email: [None Entered]
Knowledge Base: [None Entered]
Notes: Bug web form: http://sourceforge.net/tracker/?group_id=55456&atid=477079

Full Details...

Vulnerabilities by Vendor Product

John Finlay

John Finlay
PhpGedView Watch-list
2.61
OSVDB ID: 3343 PhpGedView $PGV_BASE_DIRECTORY PHP File Include
OSVDB ID: 3402 PhpGedView search.php XSS
OSVDB ID: 3403 PhpGedView editconfig.php Change Administrative Password
OSVDB ID: 3404 PhpGedView admin.php Information Disclosure
OSVDB ID: 3453 PhpGedView timeline.php SQL Injection
OSVDB ID: 3463 PhpGedView placelist.php SQL Injection
OSVDB ID: 3769 PhpGedView PGV_BASE_DIRECTORY Arbitrary Command Execution
2.52
OSVDB ID: 3453 PhpGedView timeline.php SQL Injection
OSVDB ID: 3463 PhpGedView placelist.php SQL Injection
2.52.1
OSVDB ID: 3453 PhpGedView timeline.php SQL Injection
OSVDB ID: 3463 PhpGedView placelist.php SQL Injection
2.52.3
OSVDB ID: 3453 PhpGedView timeline.php SQL Injection
OSVDB ID: 3463 PhpGedView placelist.php SQL Injection
2.60
OSVDB ID: 3453 PhpGedView timeline.php SQL Injection
OSVDB ID: 3463 PhpGedView placelist.php SQL Injection
OSVDB ID: 3769 PhpGedView PGV_BASE_DIRECTORY Arbitrary Command Execution
2.61.1
OSVDB ID: 3453 PhpGedView timeline.php SQL Injection
OSVDB ID: 3463 PhpGedView placelist.php SQL Injection
OSVDB ID: 3769 PhpGedView PGV_BASE_DIRECTORY Arbitrary Command Execution
2.65.1
OSVDB ID: 3768 PhpGedView editconfig_gedcom.php gedcom_config Parameter Remote File Inclusion
OSVDB ID: 3769 PhpGedView PGV_BASE_DIRECTORY Arbitrary Command Execution
2.65
OSVDB ID: 3769 PhpGedView PGV_BASE_DIRECTORY Arbitrary Command Execution
2.65 beta 5
OSVDB ID: 3464 PhpGedView indilist.php Path Disclosure
OSVDB ID: 7044 PhpGedView famlist.php Path Disclosure
OSVDB ID: 7045 PhpGedView placelist.php Path Disclosure
OSVDB ID: 7046 PhpGedView imageview.php Path Disclosure
OSVDB ID: 7047 PhpGedView timeline.php Path Disclosure
OSVDB ID: 7048 PhpGedView clippings.php Path Disclosure
OSVDB ID: 7049 PhpGedView login.php Path Disclosure
OSVDB ID: 7050 PhpGedView gdbi.php Path Disclosure
OSVDB ID: 3482 PhpGedView gedrecord.php pid Parameter XSS
OSVDB ID: 3481 PhpGedView calendar.php Multiple Variables XSS
OSVDB ID: 3479 PhpGedView source.php sid Parameter XSS
OSVDB ID: 3478 PhpGedView relationship.php Multiple Variables XSS
OSVDB ID: 3477 PhpGedView login.php Multiple Variables XSS
OSVDB ID: 3476 PhpGedView individual.php pid Parameter XSS
OSVDB ID: 3475 PhpGedView index.php rootid Parameter XSS
OSVDB ID: 3473 PhpGedView gdbi_interface.php pid Parameter XSS
OSVDB ID: 3474 PhpGedView descendancy.php pid Parameter XSS
OSVDB ID: 3480 PhpGedView imageview.php filename Parameter XSS
3.3.7
OSVDB ID: 22010 PhpGedView Registration Multiple Field Arbitrary PHP Code Execution
OSVDB ID: 22009 PhpGedView help_text_vars.php PGV_BASE_DIRECTORY Parameter Remote File Inclusion



The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2012 Open Source Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use