Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iscripts vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-10051
iScripts SupportDesk v4.3 has XSS via the staff/inteligentsearchresult.php txtinteligentsearch parameter.
Iscripts Supportdesk 4.3
6.1
CVSSv3
CVE-2018-9235
iScripts SonicBB 1.0 has Reflected Cross-Site Scripting via the query parameter to search.php.
Iscripts Sonicbb 1.0
1 EDB exploit
5.4
CVSSv3
CVE-2018-9236
iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the "Site title" field.
Iscripts Easycreate 3.2.1
1 EDB exploit
5.4
CVSSv3
CVE-2018-9237
iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the "Site Description" field.
Iscripts Easycreate 3.2.1
1 EDB exploit
NA
CVE-2013-7189
Multiple SQL injection vulnerabilities in iScripts AutoHoster, possibly 2.4, allow remote malicious users to execute arbitrary SQL commands via the cmbdomain parameter to (1) checktransferstatus.php, (2) checktransferstatusbck.php, or (3) additionalsettings.php; or (4) invno para...
Iscripts Autohoster 2.4
4 EDB exploits
NA
CVE-2013-7190
Multiple directory traversal vulnerabilities in iScripts AutoHoster, possibly 2.4, allow remote malicious users to read arbitrary files via the (1) tmpid parameter to websitebuilder/showtemplateimage.php, (2) fname parameter to admin/downloadfile.php, or (3) id parameter to suppo...
Iscripts Autohoster 2.4
4 EDB exploits
NA
CVE-2010-5034
SQL injection vulnerability in viewhistorydetail.php in iScripts EasyBiller 1.1 allows remote malicious users to execute arbitrary SQL commands via the planid parameter.
Iscripts Easybiller 1.1
1 EDB exploit
NA
CVE-2010-5035
Cross-site scripting (XSS) vulnerability in search.php in iScripts eSwap 2.0 allows remote malicious users to inject arbitrary web script or HTML via the txtHomeSearch parameter (aka the search field). NOTE: some of these details are obtained from third party information.
Iscripts Eswap 2.0
1 EDB exploit
NA
CVE-2010-5036
SQL injection vulnerability in addsale.php in iScripts eSwap 2.0 allows remote malicious users to execute arbitrary SQL commands via the type parameter.
Iscripts Eswap 2.0
1 EDB exploit
NA
CVE-2010-4980
SQL injection vulnerability in packagedetails.php in iScripts ReserveLogic 1.0 allows remote malicious users to execute arbitrary SQL commands via the pid parameter.
Iscripts Reservelogic 1.0
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »