Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iscripts vulnerabilities and exploits
(subscribe to this query)
655
VMScore
CVE-2008-1790
Unrestricted file upload vulnerability in iScripts SocialWare allows remote authenticated administrators to upload arbitrary files via a crafted logo file in the "Manage Settings" functionality. NOTE: remote exploitation is facilitated by a separate SQL injection vulner...
Iscripts Socialware
1 EDB exploit
755
VMScore
CVE-2008-1859
SQL injection vulnerability in events.php in iScripts SocialWare allows remote malicious users to execute arbitrary SQL commands via the id parameter in a show action.
Iscripts Socialware
1 EDB exploit
755
VMScore
CVE-2010-2853
SQL injection vulnerability in flashPlayer/playVideo.php in iScripts VisualCaster allows remote malicious users to execute arbitrary SQL commands via the product_id parameter.
Iscripts Visualcaster
1 EDB exploit
755
VMScore
CVE-2008-4169
SQL injection vulnerability in detaillist.php in iScripts EasyIndex, possibly 1.0, allows remote malicious users to execute arbitrary SQL commands via the produid parameter.
Iscripts Easyindex
1 EDB exploit
505
VMScore
CVE-2008-1772
iScripts SocialWare stores passwords in cleartext in a database, which allows context-dependent malicious users to obtain sensitive information.
Iscripts Socialware
1 EDB exploit
435
VMScore
CVE-2018-9235
iScripts SonicBB 1.0 has Reflected Cross-Site Scripting via the query parameter to search.php.
Iscripts Sonicbb 1.0
1 EDB exploit
355
VMScore
CVE-2018-9236
iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the "Site title" field.
Iscripts Easycreate 3.2.1
1 EDB exploit
770
VMScore
CVE-2013-7189
Multiple SQL injection vulnerabilities in iScripts AutoHoster, possibly 2.4, allow remote malicious users to execute arbitrary SQL commands via the cmbdomain parameter to (1) checktransferstatus.php, (2) checktransferstatusbck.php, or (3) additionalsettings.php; or (4) invno para...
Iscripts Autohoster 2.4
4 EDB exploits
605
VMScore
CVE-2018-10048
iScripts eSwap v2.4 has CSRF via "registration_settings.php" in the Admin Panel.
Iscripts Eswap 2.4
312
VMScore
CVE-2018-10049
iScripts eSwap v2.4 has XSS via the "registration_settings.php" txtDate parameter in the Admin Panel.
Iscripts Eswap 2.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »