Vendor Dictionary: PHP Arena

PHP Arena

Short Name:	[None Entered]
Previous Names:	[None Entered]
URL:	[None Entered]
Email:	[None Entered]
Security URL:	[None Entered]
Security Email:	[None Entered]
Knowledge Base:	[None Entered]
Notes:	[No Notes]

Vulnerabilities by Vendor Product

PHP Arena

PHP Arena

paNews: 2.0.4b; OSVDB ID: 15452 paNews admin_setup.php Multiple Parameter Arbitrary PHP Code Injection

paCheckbook: 1.1; OSVDB ID: 25349 PHP Arena paCheckbook index.php Multiple Parameter SQL Injection

paFAQ: beta4; OSVDB ID: 13935 paFAQ answer.php offset Parameter SQL Injection; OSVDB ID: 13937 paFAQ comment.php Multiple Parameter SQL Injection; OSVDB ID: 13934 paFAQ question.php Multiple Parameter SQL Injection; OSVDB ID: 13936 paFAQ search.php search_item Parameter SQL Injection; 1.0 beta 4; OSVDB ID: 17567 paFAQ Upload a Language Pack Arbitrary Code Execution; OSVDB ID: 17563 paFAQ index.php id Parameter XSS; OSVDB ID: 17564 paFAQ index.php username Parameter SQL Injection; OSVDB ID: 17565 paFAQ Unspecified Multiple Scripts id Parameter SQL Injection; OSVDB ID: 17566 paFAQ backup.php Database Disclosure Privilege Escalation

paFileDB Extreme Edition: RC 5; OSVDB ID: 21822 paFileDB Extreme Edition pafiledb.php Multiple Parameter SQL Injection; RC 4; OSVDB ID: 21822 paFileDB Extreme Edition pafiledb.php Multiple Parameter SQL Injection; RC 3; OSVDB ID: 21822 paFileDB Extreme Edition pafiledb.php Multiple Parameter SQL Injection; RC 2; OSVDB ID: 21822 paFileDB Extreme Edition pafiledb.php Multiple Parameter SQL Injection; RC 1; OSVDB ID: 21822 paFileDB Extreme Edition pafiledb.php Multiple Parameter SQL Injection

paFileDB: 3.1; OSVDB ID: 5696 paFileDB pafiledb.php Installation Path Disclosure; OSVDB ID: 14967 paFileDB viewall.php Installation Path Disclosure; OSVDB ID: 14968 paFileDB stats.php Installation Path Disclosure; OSVDB ID: 14969 paFileDB search.php Installation Path Disclosure; OSVDB ID: 14970 paFileDB rate.php Installation Path Disclosure; OSVDB ID: 14971 paFileDB main.php Installation Path Disclosure; OSVDB ID: 14972 paFileDB license.php Installation Path Disclosure; OSVDB ID: 14973 paFileDB category.php Installation Path Disclosure; OSVDB ID: 14974 paFileDB download.php Installation Path Disclosure; OSVDB ID: 14975 paFileDB file.php Installation Path Disclosure; OSVDB ID: 14976 paFileDB email.php Installation Path Disclosure; OSVDB ID: 14977 paFileDB admin.php Installation Path Disclosure; OSVDB ID: 15033 paFileDB login.php Installation Path Disclosure; OSVDB ID: 15294 paFileDB pafiledb.php start Parameter SQL Injection; OSVDB ID: 14839 paFileDB viewall.php start Parameter SQL Injection; OSVDB ID: 14840 paFileDB category.php start Parameter SQL Injection; OSVDB ID: 14841 paFileDB viewall.php start Parameter XSS; OSVDB ID: 14842 paFileDB category.php start Parameter XSS; OSVDB ID: 16818 paFileDB auth.php Path Disclosure; OSVDB ID: 16819 paFileDB custom.php Path Disclosure; OSVDB ID: 16820 paFileDB backupdb.php Path Disclosure; OSVDB ID: 16821 paFileDB restoredb.php Path Disclosure; OSVDB ID: 16822 paFileDB settings.php Path Disclosure; OSVDB ID: 16823 paFileDB options.php Path Disclosure; OSVDB ID: 5695 paFileDB pafiledb.php Multiple Variables XSS; 3.1 Final; OSVDB ID: 15293 paFileDB pafiledb.php action Parameter Arbitrary PHP Code Injection

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.