Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
comscripts vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-1144
Directory traversal vulnerability in jwpn-photos.php in J-Web Pics Navigator 2.0 allows remote malicious users to list arbitrary directories via a .. (dot dot) in the dir parameter.
Comscripts J-web Pics Navigator 1.0
Comscripts J-web Pics Navigator 2.0
NA
CVE-2006-4622
PHP remote file inclusion vulnerability in annonce.php in AnnonceV (aka annoncesV) 1.1 allows remote malicious users to execute arbitrary PHP code via a URL in the page parameter.
Comscripts Annoncev 1.1
1 EDB exploit
NA
CVE-2006-3170
CS-Forum prior to 0.82 allows remote malicious users to obtain sensitive information via unspecified manipulations, possibly involving an empty collapse[] or readall parameter to index.php, which reveals the installation path in an error message.
Comscripts Cs-forum
NA
CVE-2006-3171
CRLF injection vulnerability in CS-Forum prior to 0.82 allows remote malicious users to inject arbitrary email headers via a newline character in the email parameter to ajouter.php.
Comscripts Cs-forum
NA
CVE-2007-4937
CS Guestbook stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain the admin name and MD5 password hash via a direct request for base/usr/0.php.
Comscripts Cs Guestbook
1 EDB exploit
NA
CVE-2007-0361
PHP remote file inclusion vulnerability in mep/frame.php in PHPMyphorum 1.5a allows remote malicious users to execute arbitrary PHP code via a URL in the chem parameter.
Comscripts Phpmyphorum 1.5a
1 EDB exploit
NA
CVE-2006-3168
SQL injection vulnerability in CS-Forum prior to 0.82 allows remote malicious users to execute arbitrary SQL commands via the (1) id and (2) debut parameters in (a) read.php, and the (3) search and (4) debut parameters in (b) index.php.
Comscripts Cs-forum
NA
CVE-2006-3169
Multiple cross-site scripting (XSS) vulnerabilities in CS-Forum 0.81 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) msg_result and (2) rep_titre parameters in (a) read.php; and the (3) id and (4) parent parameters and (5) CSF...
Comscripts Cs-forum
NA
CVE-2006-4753
Directory traversal vulnerability in index.php in PHProg prior to 1.1 allows remote malicious users to read arbitrary files via a .. (dot dot) in the lang parameter.
Comscripts Phprog 1.0
1 EDB exploit
NA
CVE-2006-4754
Cross-site scripting (XSS) vulnerability in index.php in PHProg prior to 1.1 allows remote malicious users to inject arbitrary web script or HTML via the album parameter, which is used in an opendir call. NOTE: the same primary issue can be used for full path disclosure with an i...
Comscripts Phprog 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »