Vulnerabilities > Chipmunk Scripts
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-10-05 | CVE-2010-4866 | SQL Injection vulnerability in Chipmunk-Scripts Chipmunk Board 1.3 SQL injection vulnerability in index.php in Chipmunk Board 1.3 allows remote attackers to execute arbitrary SQL commands via the forumID parameter. | 7.5 |
| 2011-04-27 | CVE-2010-4799 | SQL Injection vulnerability in Chipmunk-Scripts Pwngame 1.0 Multiple SQL injection vulnerabilities in Chipmunk Pwngame 1.0, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters to authenticate.php and the (3) ID parameter to pwn.php. | 6.8 |
| 2009-08-25 | CVE-2008-7072 | Cross-Site Scripting vulnerability in Chipmunk-Scripts Chipmunk Topsites Cross-site scripting (XSS) vulnerability in index.php in Chipmunk Topsites allows remote attackers to inject arbitrary web script or HTML via the start parameter. | 4.3 |
| 2009-08-25 | CVE-2008-7071 | SQL Injection vulnerability in Chipmunk-Scripts Chipmunk Topsites SQL injection vulnerability in authenticate.php in Chipmunk Topsites allows remote attackers to execute arbitrary SQL commands via the username parameter, related to login.php. | 7.5 |
| 2009-03-02 | CVE-2008-6368 | SQL Injection vulnerability in Chipmunk Scripts Chipmunk Guestbook 1.4M SQL injection vulnerability in index.php in Chipmunk Guestbook 1.4m allows remote attackers to execute arbitrary SQL commands via the start parameter. | 7.5 |
| 2009-02-03 | CVE-2009-0403 | SQL Injection vulnerability in Chipmunk Scripts Chipmunk Blogger SQL injection vulnerability in admin/authenticate.php in Chipmunk Blogger Script allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | 7.5 |
| 2009-02-03 | CVE-2009-0399 | Permissions, Privileges, and Access Controls vulnerability in Chipmunk Scripts Chipmunk Blogger Chipmunk Blogger Script allows remote attackers to gain administrator privileges via a direct request to admin/reguser.php. | 7.5 |
| 2008-11-04 | CVE-2008-4921 | Permissions, Privileges, and Access Controls vulnerability in Chipmunk Scripts Chipmunk CMS 1.3 board/admin/reguser.php in Chipmunk CMS 1.3 allows remote attackers to bypass authentication and gain administrator privileges via a direct request. | 7.5 |
| 2008-07-15 | CVE-2008-3186 | Cross-Site Scripting vulnerability in Chipmunk Scripts Chipmunk Blogger Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Blog (Blogger) allow remote attackers to inject arbitrary web script or HTML via the membername parameter to (1) members.php, (2) comments.php, (3) photos.php, (4) archive.php, or (5) cat.php. | 4.3 |
| 2007-02-24 | CVE-2006-7043 | Cross-Site Scripting vulnerability in Chipmunk Blogger Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Blogger allow remote authenticated users to inject arbitrary web script or HTML via script tags in (1) posts and (2) profile names; and (3) a javascript URI in a URL argument in the photo gallery. network chipmunk-scripts | 3.5 |