Vulnerabilities > Chipmunk Scripts > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-10-05 | CVE-2010-4866 | SQL Injection vulnerability in Chipmunk-Scripts Chipmunk Board 1.3 SQL injection vulnerability in index.php in Chipmunk Board 1.3 allows remote attackers to execute arbitrary SQL commands via the forumID parameter. | 7.5 |
| 2009-08-25 | CVE-2008-7071 | SQL Injection vulnerability in Chipmunk-Scripts Chipmunk Topsites SQL injection vulnerability in authenticate.php in Chipmunk Topsites allows remote attackers to execute arbitrary SQL commands via the username parameter, related to login.php. | 7.5 |
| 2009-03-02 | CVE-2008-6368 | SQL Injection vulnerability in Chipmunk Scripts Chipmunk Guestbook 1.4M SQL injection vulnerability in index.php in Chipmunk Guestbook 1.4m allows remote attackers to execute arbitrary SQL commands via the start parameter. | 7.5 |
| 2009-02-03 | CVE-2009-0403 | SQL Injection vulnerability in Chipmunk Scripts Chipmunk Blogger SQL injection vulnerability in admin/authenticate.php in Chipmunk Blogger Script allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | 7.5 |
| 2009-02-03 | CVE-2009-0399 | Permissions, Privileges, and Access Controls vulnerability in Chipmunk Scripts Chipmunk Blogger Chipmunk Blogger Script allows remote attackers to gain administrator privileges via a direct request to admin/reguser.php. | 7.5 |
| 2008-11-04 | CVE-2008-4921 | Permissions, Privileges, and Access Controls vulnerability in Chipmunk Scripts Chipmunk CMS 1.3 board/admin/reguser.php in Chipmunk CMS 1.3 allows remote attackers to bypass authentication and gain administrator privileges via a direct request. | 7.5 |
| 2006-04-11 | CVE-2006-1683 | SQL Injection vulnerability in Chipmunk Guestbook SQL injection vulnerability in admin/login.php in Chipmunk Guestbook allows remote attackers to execute arbitrary SQL commands and bypass login authentication via the User name. | 7.5 |
| 2005-05-02 | CVE-2005-0368 | SQL Injection vulnerability in CMScore Multiple SQL injection vulnerabilities in CMScore allow remote attackers to execute arbitrary SQL commands via the (1) EntryID or (2) searchterm parameter to index.php, or (3) username parameter to authenticate.php. | 7.5 |