Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iscripts vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2018-10049
iScripts eSwap v2.4 has XSS via the "registration_settings.php" txtDate parameter in the Admin Panel.
Iscripts Eswap 2.4
7.2
CVSSv3
CVE-2018-10050
iScripts eSwap v2.4 has SQL injection via the "registration_settings.php" ddlFree parameter in the Admin Panel.
Iscripts Eswap 2.4
NA
CVE-2013-7190
Multiple directory traversal vulnerabilities in iScripts AutoHoster, possibly 2.4, allow remote malicious users to read arbitrary files via the (1) tmpid parameter to websitebuilder/showtemplateimage.php, (2) fname parameter to admin/downloadfile.php, or (3) id parameter to suppo...
Iscripts Autohoster 2.4
4 EDB exploits
NA
CVE-2010-2624
Multiple SQL injection vulnerabilities in iScripts EasySnaps 2.0 allow remote malicious users to execute arbitrary SQL commands via the (1) comment parameter to add_comments.php, (2) values parameter to tags_details.php, or (3) begin parameter to greetings.php.
Iscripts Easysnaps 2.0
1 EDB exploit
6.1
CVSSv3
CVE-2018-9235
iScripts SonicBB 1.0 has Reflected Cross-Site Scripting via the query parameter to search.php.
Iscripts Sonicbb 1.0
1 EDB exploit
NA
CVE-2008-0911
SQL injection vulnerability in productdetails.php in iScripts MultiCart 2.0 allows remote authenticated users to execute arbitrary SQL commands via the productid parameter.
Iscripts Multicart 2.0
1 EDB exploit
NA
CVE-2013-7189
Multiple SQL injection vulnerabilities in iScripts AutoHoster, possibly 2.4, allow remote malicious users to execute arbitrary SQL commands via the cmbdomain parameter to (1) checktransferstatus.php, (2) checktransferstatusbck.php, or (3) additionalsettings.php; or (4) invno para...
Iscripts Autohoster 2.4
4 EDB exploits
9.8
CVSSv3
CVE-2018-11373
iScripts eSwap v2.4 has SQL injection via the "salelistdetailed.php" User Panel ToId parameter.
Iscripts Eswap 2.4
1 Github repository
5.4
CVSSv3
CVE-2018-10051
iScripts SupportDesk v4.3 has XSS via the staff/inteligentsearchresult.php txtinteligentsearch parameter.
Iscripts Supportdesk 4.3
5.4
CVSSv3
CVE-2018-9236
iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the "Site title" field.
Iscripts Easycreate 3.2.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »