iScripts: Security Vulnerabilities
SQL injection vulnerability in packagedetails.php in iScripts ReserveLogic 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter.
CVSS Score: 7.5 | EPSS Score: 0.028 | Published: 2011-11-01
SQL injection vulnerability in flashPlayer/playVideo.php in iScripts VisualCaster allows remote attackers to execute arbitrary SQL commands via the product_id parameter.
CVSS Score: 7.5 | EPSS Score: 0.014 | Published: 2010-07-25
Multiple SQL injection vulnerabilities in iScripts EasySnaps 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) comment parameter to add_comments.php, (2) values parameter to tags_details.php, or (3) begin parameter to greetings.php.
CVSS Score: 7.5 | EPSS Score: 0.002 | Published: 2010-07-02
SQL injection vulnerability in detaillist.php in iScripts EasyIndex, possibly 1.0, allows remote attackers to execute arbitrary SQL commands via the produid parameter.
CVSS Score: 7.5 | EPSS Score: 0.002 | Published: 2008-09-22
SQL injection vulnerability in events.php in iScripts SocialWare allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action.
CVSS Score: 7.5 | EPSS Score: 0.004 | Published: 2008-04-16
Unrestricted file upload vulnerability in iScripts SocialWare allows remote authenticated administrators to upload arbitrary files via a crafted logo file in the "Manage Settings" functionality. NOTE: remote exploitation is facilitated by a separate SQL injection vulnerability.
CVSS Score: 6.5 | EPSS Score: 0.006 | Published: 2008-04-15
iScripts SocialWare stores passwords in cleartext in a database, which allows context-dependent attackers to obtain sensitive information.
CVSS Score: 5.0 | EPSS Score: 0.035 | Published: 2008-04-14
SQL injection vulnerability in productdetails.php in iScripts MultiCart 2.0 allows remote authenticated users to execute arbitrary SQL commands via the productid parameter.
CVSS Score: 6.5 | EPSS Score: 0.003 | Published: 2008-02-22
Multiple SQL injection vulnerabilities in MultiCart 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) catid parameter to categorydetail.php and the (2) ddlCategory parameter to search.php.
CVSS Score: 6.4 | EPSS Score: 0.003 | Published: 2007-10-06

