Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iscripts vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-1859
SQL injection vulnerability in events.php in iScripts SocialWare allows remote malicious users to execute arbitrary SQL commands via the id parameter in a show action.
Iscripts Socialware
1 EDB exploit
5
CVSSv2
CVE-2008-1772
iScripts SocialWare stores passwords in cleartext in a database, which allows context-dependent malicious users to obtain sensitive information.
Iscripts Socialware
1 EDB exploit
6.5
CVSSv2
CVE-2008-1790
Unrestricted file upload vulnerability in iScripts SocialWare allows remote authenticated administrators to upload arbitrary files via a crafted logo file in the "Manage Settings" functionality. NOTE: remote exploitation is facilitated by a separate SQL injection vulner...
Iscripts Socialware
1 EDB exploit
7.5
CVSSv2
CVE-2008-4169
SQL injection vulnerability in detaillist.php in iScripts EasyIndex, possibly 1.0, allows remote malicious users to execute arbitrary SQL commands via the produid parameter.
Iscripts Easyindex
1 EDB exploit
7.5
CVSSv2
CVE-2010-2853
SQL injection vulnerability in flashPlayer/playVideo.php in iScripts VisualCaster allows remote malicious users to execute arbitrary SQL commands via the product_id parameter.
Iscripts Visualcaster
1 EDB exploit
4.3
CVSSv2
CVE-2018-9235
iScripts SonicBB 1.0 has Reflected Cross-Site Scripting via the query parameter to search.php.
Iscripts Sonicbb 1.0
1 EDB exploit
3.5
CVSSv2
CVE-2018-9237
iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the "Site Description" field.
Iscripts Easycreate 3.2.1
1 EDB exploit
6.5
CVSSv2
CVE-2018-11470
iScripts eSwap v2.4 has SQL injection via the "search.php" 'Told' parameter in the User Panel.
Iscripts Eswap 2.4
1 Github repository
7.5
CVSSv2
CVE-2010-4980
SQL injection vulnerability in packagedetails.php in iScripts ReserveLogic 1.0 allows remote malicious users to execute arbitrary SQL commands via the pid parameter.
Iscripts Reservelogic 1.0
2 EDB exploits
7.5
CVSSv2
CVE-2010-4983
SQL injection vulnerability in profile.php in iScripts CyberMatch 1.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Iscripts Cybermatch 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »