Shodan
Vulnerabilities
Vulnerable Software
Websitebaker:  >> Websitebaker  >> 2.8.3  Security Vulnerabilities
CVE-2017-7410
Multiple SQL injection vulnerabilities in account/signup.php and account/signup2.php in WebsiteBaker 2.10.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username, (2) display_name parameter.
CVSS Score
9.8
EPSS Score
0.017
Published
2017-04-03
CVE-2015-0553
Cross-site scripting (XSS) vulnerability in admin/pages/modify.php in WebsiteBaker 2.8.3 SP3 allows remote attackers to inject arbitrary web script or HTML via the page_id parameter.
CVSS Score
4.3
EPSS Score
0.006
Published
2015-01-21
CVE-2014-9243
Multiple cross-site scripting (XSS) vulnerabilities in WebsiteBaker 2.8.3 allow remote attackers to inject arbitrary web script or HTML via the (1) QUERY_STRING to wb/admin/admintools/tool.php or (2) section_id parameter to edit_module_files.php, (3) news/add_post.php, (4) news/modify_group.php, (5) news/modify_post.php, or (6) news/modify_settings.php in wb/modules/.
CVSS Score
4.3
EPSS Score
0.006
Published
2014-12-03
CVE-2014-9242
SQL injection vulnerability in admin/pages/modify.php in WebsiteBaker 2.8.3 allows remote attackers to execute arbitrary SQL commands via the page_id parameter.
CVSS Score
7.5
EPSS Score
0.008
Published
2014-12-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved