W2b

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2008-6921 1W2b 1Phpadboard Apr 23, 2026 Aug 10, 2009 N/A· v4 N/A· v3 7.5 HIGH· v2 Unrestricted file upload vulnerability in index.php in phpAdBoard 1.8 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file...Show more Unrestricted file upload vulnerability in index.php in phpAdBoard 1.8 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in photoes/.Show less
CVE-2008-6920 1W2b 1Phpemployment Apr 23, 2026 Aug 10, 2009 N/A· v4 N/A· v3 7.5 HIGH· v2 Unrestricted file upload vulnerability in auth.php in phpEmployment 1.8 allows remote attackers to execute arbitrary code by uploading a file with an executable extension during a regnew action, then accessing it via a d...Show more Unrestricted file upload vulnerability in auth.php in phpEmployment 1.8 allows remote attackers to execute arbitrary code by uploading a file with an executable extension during a regnew action, then accessing it via a direct request to the file in photoes/.Show less
CVE-2008-6849 1W2b 1Phpgreetcards Apr 23, 2026 Jul 7, 2009 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Unrestricted file upload vulnerability in index.php in phpGreetCards 3.7 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a via a link that is...Show more Unrestricted file upload vulnerability in index.php in phpGreetCards 3.7 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a via a link that is listed by userfiles/number_shell.php.Show less
CVE-2008-6848 1W2b 1Phpgreetcards Apr 23, 2026 Jul 7, 2009 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in index.php in phpGreetCards 3.7 allows remote attackers to inject arbitrary web script or HTML via the category parameter in a select action.
CVE-2009-2179 1W2b 1Phpdatingclub Apr 23, 2026 Jun 23, 2009 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in search.php in phpDatingClub 3.7 allows remote attackers to execute arbitrary SQL commands via the sform[day] parameter.
CVE-2009-2178 1W2b 1Phpdatingclub Apr 23, 2026 Jun 23, 2009 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in website.php in phpDatingClub 3.7 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
CVE-2008-3179 1W2b 1Phpdatingclub Apr 23, 2026 Jul 15, 2008 N/A· v4 N/A· v3 7.5 HIGH· v2 Directory traversal vulnerability in website.php in Web 2 Business (W2B) phpDatingClub (aka Dating Club) 3.7 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
CVE-2008-1893 1W2b 1Online Banking Apr 23, 2026 Apr 18, 2008 N/A· v4 N/A· v3 7.5 HIGH· v2 PHP remote file inclusion vulnerability in index.php in W2B Online Banking allows remote attackers to execute arbitrary PHP code via a URL in the ilang parameter.
CVE-2008-1844 1W2b 1Phphotresources Apr 23, 2026 Apr 16, 2008 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in cat.php in W2B phpHotResources allows remote attackers to execute arbitrary SQL commands via the kind parameter.
CVE-2008-1843 1W2b 1Dating Club Apr 23, 2026 Apr 16, 2008 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in browse.php in W2B DatingClub (aka Dating Club) allows remote attackers to execute arbitrary SQL commands via the age_to parameter in a browsebyCat action.
CVE-2007-3175 1W2b 1Online Banking Apr 23, 2026 Jun 11, 2007 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple SQL injection vulnerabilities in W2B Online Banking allow remote attackers to execute arbitrary SQL commands via (1) the draft parameter to mailer.w2b or (2) the listDocPay parameter to DocPay.w2b.
CVE-2007-3174 1W2b 1Online Banking Apr 23, 2026 Jun 11, 2007 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in auth.w2b in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the adtype parameter, a different vector than CVE-2006-1980.
CVE-2006-1980 1W2b 1Online Banking Apr 16, 2026 Apr 21, 2006 N/A· v4 N/A· v3 2.6 LOW· v2 Cross-site scripting (XSS) vulnerability in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the (1) query string, (2) SID parameter, or (3) ilang parameter.
CVE-2005-4088 1W2b 1Phpforumpro Apr 16, 2026 Dec 8, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in index.php in phpForumPro 2.2 allows remote attackers to execute arbitrary SQL commands via the (1) parent and (2) day parameters.