Built2go: Security Vulnerabilities
SQL injection vulnerability in event_detail.php in Built2Go Real Estate Listings 1.5 allows remote attackers to execute arbitrary SQL commands via the event_id parameter.
CVSS Score
7.5
EPSS Score
0.002
Published
2008-10-09
PHP remote file inclusion vulnerability in config.php in Built2Go PHP Link Portal 1.79 allows remote attackers to execute arbitrary PHP code via a URL in the full_path_to_db parameter.
CVSS Score
7.5
EPSS Score
0.006
Published
2007-04-26
Multiple cross-site scripting (XSS) vulnerabilities in built2go News Manager Blog 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) cid, (2) uid, and (3) nid parameters to (a) news.php, and the nid parameter to (b) rating.php.
CVSS Score
4.3
EPSS Score
0.045
Published
2007-03-03
PHP remote file inclusion vulnerability in movie_cls.php in Built2Go PHP Movie Review 2B and earlier allows remote attackers to execute arbitrary PHP code via a URL in the full_path parameter.
CVSS Score
7.5
EPSS Score
0.116
Published
2006-04-25