CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Scoznet: >> Scozbook >> 1.1_beta Security Vulnerabilities

CVE-2006-0079

SQL injection vulnerability in auth.php in ScozNet ScozBook BETA 1.1 allows remote attackers to execute arbitrary SQL commands via the username field (adminname variable).

CVSS Score

7.5

EPSS Score

0.009

Published

2006-01-04

CVE-2003-1554

Cross-site scripting (XSS) vulnerability in scozbook/add.php in ScozNet ScozBook 1.1 BETA allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) useremail, (3) aim, (4) msn, (5) sitename and (6) siteaddy variables.

CVSS Score

4.3

EPSS Score

0.005

Published

2003-12-31

CVE-2003-1555

ScozNet ScozBook 1.1 BETA allows remote attackers to obtain sensitive information via an invalid PG parameter in view.php, which reveals the installation path in an error message.

CVSS Score

5.0

EPSS Score

0.042

Published

2003-12-31

Page 1

Vulnerabilities

Vulnerable Software

Scoznet: >> Scozbook >> 1.1_beta Security Vulnerabilities

Products

Pricing

Contact Us