1scripts: Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in showads.php in Z1Exchange 1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVSS Score
4.3
EPSS Score
0.01
Published
2009-03-02
SQL injection vulnerability in showads.php in Z1Exchange allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVSS Score
7.5
EPSS Score
0.001
Published
2009-03-02
SQL injection vulnerability in edit.php in Z1Exchange 1.0 allows remote attackers to execute arbitrary SQL commands via the site parameter.
CVSS Score
7.5
EPSS Score
0.001
Published
2009-02-25
Directory traversal vulnerability in list.php in 1Scripts CodeDB 1.1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
CVSS Score
6.8
EPSS Score
0.039
Published
2008-07-16