Shodan
Vulnerabilities
Vulnerable Software
Idevspot:  Security Vulnerabilities
CVE-2007-4094
PHP remote file inclusion vulnerability in library/authorize.php in IDevSpot PhpHostBot allows remote attackers to execute arbitrary PHP code via a URL in the login_form parameter, a different vector than CVE-2006-3776.
CVSS Score
7.5
EPSS Score
0.005
Published
2007-07-30
CVE-2006-4894
Cross-site scripting (XSS) vulnerability in forms/lostpassword.php in iDevSpot NixieAffiliate 1.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter.
CVSS Score
4.3
EPSS Score
0.005
Published
2006-09-19
CVE-2006-4895
IDevSpot NexieAffiliate 1.9 and earlier allows remote attackers to delete arbitrary affiliates via a modified id parameter to delete.php.
CVSS Score
7.5
EPSS Score
0.01
Published
2006-09-19
CVE-2006-4883
Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot BizDirectory allow remote attackers to inject arbitrary web script or HTML via (1) the stylesheet parameter in Feed.php or (2) the message parameter in status.php.
CVSS Score
4.3
EPSS Score
0.005
Published
2006-09-19
CVE-2006-4884
Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot iSupport 1.8 allow remote attackers to inject arbitrary web script or HTML via (1) the suser parameter in support/rightbar.php, (2) the ticket_id parameter in support/open_tickets.php, and (3) the cons_page_title parameter in index.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVSS Score
4.3
EPSS Score
0.004
Published
2006-09-19
CVE-2006-4741
PHP remote file inclusion vulnerability in bits_listings.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to execute arbitrary code via the svr_rootPhpStart parameter.
CVSS Score
7.5
EPSS Score
0.038
Published
2006-09-13
CVE-2006-4742
Cross-site scripting (XSS) vulnerability in user_add.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
CVSS Score
4.3
EPSS Score
0.025
Published
2006-09-13
CVE-2006-4747
Multiple cross-site scripting (XSS) vulnerabilities in IdevSpot TextAds allow remote attackers to inject arbitrary web script or HTML via (1) the id parameter in delete.php and (2) the error parameter in error.php.
CVSS Score
4.3
EPSS Score
0.014
Published
2006-09-13
CVE-2006-3776
PHP remote file inclusion vulnerability in order/index.php in IDevSpot (1) PhpHostBot 1.0 and (2) AutoHost 3.0 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.
CVSS Score
7.5
EPSS Score
0.028
Published
2006-07-24
CVE-2006-3777
PHP remote file inclusion vulnerability in index.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.
CVSS Score
7.5
EPSS Score
0.033
Published
2006-07-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved