Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iscripts vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-4169
SQL injection vulnerability in detaillist.php in iScripts EasyIndex, possibly 1.0, allows remote malicious users to execute arbitrary SQL commands via the produid parameter.
Iscripts Easyindex
1 EDB exploit
NA
CVE-2010-2853
SQL injection vulnerability in flashPlayer/playVideo.php in iScripts VisualCaster allows remote malicious users to execute arbitrary SQL commands via the product_id parameter.
Iscripts Visualcaster
1 EDB exploit
NA
CVE-2008-1772
iScripts SocialWare stores passwords in cleartext in a database, which allows context-dependent malicious users to obtain sensitive information.
Iscripts Socialware
1 EDB exploit
NA
CVE-2008-1790
Unrestricted file upload vulnerability in iScripts SocialWare allows remote authenticated administrators to upload arbitrary files via a crafted logo file in the "Manage Settings" functionality. NOTE: remote exploitation is facilitated by a separate SQL injection vulner...
Iscripts Socialware
1 EDB exploit
NA
CVE-2008-1859
SQL injection vulnerability in events.php in iScripts SocialWare allows remote malicious users to execute arbitrary SQL commands via the id parameter in a show action.
Iscripts Socialware
1 EDB exploit
NA
CVE-2007-5261
Multiple SQL injection vulnerabilities in MultiCart 1.0 allow remote malicious users to execute arbitrary SQL commands via the (1) catid parameter to categorydetail.php and the (2) ddlCategory parameter to search.php.
Iscripts Multicart 1.0
1 EDB exploit
8.8
CVSSv3
CVE-2018-10048
iScripts eSwap v2.4 has CSRF via "registration_settings.php" in the Admin Panel.
Iscripts Eswap 2.4
7.2
CVSSv3
CVE-2018-10050
iScripts eSwap v2.4 has SQL injection via the "registration_settings.php" ddlFree parameter in the Admin Panel.
Iscripts Eswap 2.4
6.1
CVSSv3
CVE-2018-10135
iScripts eSwap v2.4 has Reflected XSS via the "catwiseproducts.php" catid parameter in the User Panel.
Iscripts Eswap 2.4
6.1
CVSSv3
CVE-2018-9235
iScripts SonicBB 1.0 has Reflected Cross-Site Scripting via the query parameter to search.php.
Iscripts Sonicbb 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »