RSS   Podatności dla 'Paid to read script'   RSS

2017-12-19
 
CVE-2017-17779

CWE-89
 

 
Paid To Read Script 2.0.5 has SQL injection via the referrals.php id parameter.

 
 
CVE-2017-17778

CWE-79
 

 
Paid To Read Script 2.0.5 has XSS via the referrals.php tier parameter or the admin/userview.php uid parameter.

 
 
CVE-2017-17777

CWE-287
 

 
Paid To Read Script 2.0.5 has authentication bypass in the admin panel via a direct request, as demonstrated by the admin/viewvisitcamp.php fn parameter and the admin/userview.php uid parameter.

 
 
CVE-2017-17776

CWE-200
 

 
Paid To Read Script 2.0.5 has full path disclosure via an invalid admin/userview.php uid parameter.

 
2017-12-18
 
CVE-2017-17651

CWE-89
 

 
Paid To Read Script 2.0.5 has SQL Injection via the admin/userview.php uid parameter, the admin/viewemcamp.php fnum parameter, or the admin/viewvisitcamp.php fn parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top