Shodan
Vulnerabilities
Vulnerable Software
Easy-Script:  Security Vulnerabilities
CVE-2008-6165
SQL injection vulnerability in gestion.php in CSPartner 0.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the (1) pseudo and (2) passe parameters.
CVSS Score
6.8
EPSS Score
0.002
Published
2009-02-19
CVE-2008-5322
Wysi Wiki Wyg 1.0 allows remote attackers to obtain system information via an invalid categup parameter to index.php, which calls the phpinfo function.
CVSS Score
7.8
EPSS Score
0.023
Published
2008-12-03
CVE-2008-5323
Cross-site scripting (XSS) vulnerability in index.php in Wysi Wiki Wyg 1.0 allows remote attackers to inject arbitrary web script or HTML via the s parameter.
CVSS Score
4.3
EPSS Score
0.016
Published
2008-12-03
CVE-2008-5065
TlGuestBook 1.2 allows remote attackers to bypass authentication and gain administrative access by setting the tlGuestBook_login cookie to admin.
CVSS Score
7.5
EPSS Score
0.018
Published
2008-11-13
CVE-2008-4780
Directory traversal vulnerability in admin/centre.php in MyForum 1.3, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the padmin parameter.
CVSS Score
6.8
EPSS Score
0.015
Published
2008-10-29
CVE-2008-4781
Directory traversal vulnerability in update.php in MyKtools 2.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the langage parameter.
CVSS Score
7.5
EPSS Score
0.015
Published
2008-10-29
CVE-2008-4783
tlAds 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the tlAds_login cookie to "admin."
CVSS Score
7.5
EPSS Score
0.02
Published
2008-10-29
CVE-2008-3388
Multiple SQL injection vulnerabilities in Def-Blog 1.0.3 allow remote attackers to execute arbitrary SQL commands via the article parameter to (1) comaddok.php and (2) comlook.php.
CVSS Score
7.5
EPSS Score
0.002
Published
2008-07-30
CVE-2008-3200
SQL injection vulnerability in vlc_forum.php in Avlc Forum as of 20080715 allows remote attackers to execute arbitrary SQL commands via the id parameter in an affich_message action.
CVSS Score
7.5
EPSS Score
0.001
Published
2008-07-17
CVE-2008-3205
Directory traversal vulnerability in index.php in Easy-Script Wysi Wiki Wyg 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter.
CVSS Score
5.0
EPSS Score
0.02
Published
2008-07-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved