GCVE - cpe:2.3:a:all_enthusiast_inc:reviewpost_php

Approved changes feed: RSS · Atom

cpe:2.3:a:all_enthusiast_inc:reviewpost_php_pro:2.5:*:*:*:*:*:*:*

part: a version: 2.5 update: *

Vendor	All Enthusiast Inc (`ff966afa-7c7b-5dc1-a354-7e341cb615e8`)
Product	Reviewpost Php Pro (`f5de1a07-8227-5f48-a97a-b432efa42183`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2006-4864`	vulnerable	2026-06-08 04:49:19.088974	Details available PHP remote file inclusion vulnerability in index.php in All Enthusiast ReviewPost 2.5 allows remote attackers to execute arbitrary PHP code via a URL in the RP_PATH parameter. Published: 2006-09-19T18:00:00.000Z Updated: 2024-08-07T19:32:21.479Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2006/3658 http://www.nyubicrew.org/adv/home_edition2001-adv-01.txt http://secunia.com/advisories/21971 http://securityreason.com/securityalert/1603 https://exchange.xforce.ibmcloud.com/vulnerabilities/28992	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-2175`	vulnerable	2026-06-08 04:48:08.788282	Details available Multiple SQL injection vulnerabilities in ReviewPost PHP Pro allow remote attackers to execute arbitrary SQL commands via the (1) product parameter to showproduct.php or (2) cat parameter to showcat.php. Published: 2005-07-10T04:00:00.000Z Updated: 2024-08-08T01:15:01.748Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/9574 https://exchange.xforce.ibmcloud.com/vulnerabilities/15035 http://secunia.com/advisories/10786/ http://www.zone-h.org/en/advisories/read/id=3864/ http://www.securityfocus.com/archive/1/352598	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.