Vulnerabilities > Advanced Comment System Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-12-23 | CVE-2020-35598 | Path Traversal vulnerability in Advanced Comment System Project Advanced Comment System 1.0 ACS Advanced Comment System 1.0 is affected by Directory Traversal via an advanced_component_system/index.php?ACS_path=..%2f URI. | 7.5 |
2019-03-21 | CVE-2018-18845 | Cross-site Scripting vulnerability in Advanced Comment System Project Advanced Comment System 1.0 internal/advanced_comment_system/index.php and internal/advanced_comment_system/admin.php in Advanced Comment System, version 1.0, contain a reflected cross-site scripting vulnerability via ACS_path. | 6.1 |
2018-11-29 | CVE-2018-18619 | SQL Injection vulnerability in Advanced Comment System Project Advanced Comment System 1.0 internal/advanced_comment_system/admin.php in Advanced Comment System 1.0 is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query, allowing remote attackers to execute the sqli attack via a URL in the "page" parameter. | 9.8 |