Php Arena CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (32 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2005-0780	1 Php Arena	1 Pafiledb	2026-04-16	N/A
paFileDB 3.1 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) auth.php, (2) login.php, (3) category.php, (4) file.php, (5) team.php, (6) license.php, (7) custom.php, (8) admins.php, or (9) backupdb.php, which reveal the path in a PHP error message.
CVE-2005-1999	1 Php Arena	1 Pafiledb	2026-04-16	N/A
Multiple cross-site scripting (XSS) vulnerabilities in pafiledb.php in paFileDB 3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) sortby or (2) filelist parameters to the category action (category.php), or (3) pages parameter in the viewall action (viewall.php).
CVE-2005-2001	1 Php Arena	1 Pafiledb	2026-04-16	N/A
Directory traversal vulnerability in pafiledb.php in paFileDB 3.1 and earlier allows remote attackers to include arbitrary files via a .. (dot dot) in the action parameter.
CVE-2005-2011	1 Php Arena	1 Pafaq	2026-04-16	N/A
Multiple cross-site scripting (XSS) vulnerabilities in paFAQ 1.0 Beta 4 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the id parameter in a Question action.
CVE-2005-2012	1 Php Arena	1 Pafaq	2026-04-16	N/A
Multiple SQL injection vulnerabilities in login in paFAQ 1.0 Beta 4 allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) id parameters.
CVE-2006-2361	2 Mxbb, Php Arena	2 Mxbb Portal, Pafiledb	2026-04-16	N/A
PHP remote file inclusion vulnerability in pafiledb_constants.php in Download Manager (mxBB pafiledb) integration, as used with phpBB, allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter.
CVE-2005-0326	1 Php Arena	1 Pafiledb	2026-04-16	N/A
pafiledb.php in PaFileDB 3.1 allows remote attackers to gain sensitive information via an invalid or missing action parameter, which reveals the path in an error message when it cannot include a login.php script.
CVE-2005-0327	1 Php Arena	1 Pafiledb	2026-04-16	N/A
pafiledb.php in Pafiledb 3.1 may allow remote attackers to execute arbitrary PHP code via a modified action parameter that is used in an include statement for login.php.
CVE-2002-1929	1 Php Arena	1 Pafiledb	2026-04-16	N/A
Cross-site scripting (XSS) vulnerability in pafiledb.php in PHP Arena paFileDB 1.1.3 through 3.0 allows remote attackers to inject arbitrary web script or HTML via the query string in the (1) rate, (2) email, or (3) download actions.
CVE-2005-0782	1 Php Arena	1 Pafiledb	2026-04-16	N/A
Cross-site scripting (XSS) vulnerability in (1) viewall.php and (2) category.php for paFileDB 3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the start parameter to pafiledb.php.
CVE-2002-1931	1 Php Arena	1 Pafiledb	2026-04-16	N/A
Cross-site scripting (XSS) vulnerability in PHP Arena paFileDB 1.1.3 and 2.1.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the search string.
CVE-2004-1551	1 Php Arena	1 Pafiledb	2026-04-16	N/A
Cross-site scripting (XSS) vulnerability in the (1) email or (2) file modules in paFileDB 3.1 Final allows remote attackers to execute arbitrary web script or HTML via the id parameter.

« first previous Page 2 of 2.