Vulnerabilities > Darrens 5 Dollar Script Archive

DATE CVE VULNERABILITY TITLE RISK
2007-02-07 CVE-2007-0834 Cross-Site Scripting vulnerability in Darrens 5-Dollar Script Archive Flashchat 4.7.8
Cross-site scripting (XSS) vulnerability in FlashChat 4.7.8 allows remote attackers to inject arbitrary web script or HTML via the user name field when the user joins a chat room, a different vulnerability than CVE-2007-0807.
6.8
2007-02-07 CVE-2007-0807 HTML Injection vulnerability in Darrens 5-Dollar Script Archive Flashchat 4.7.8
Cross-site scripting (XSS) vulnerability in info.php in flashChat 4.7.8 allows remote attackers to inject arbitrary web script or HTML via a channel title (aka room name) that is not properly handled by the "who's online" feature.
6.8
2006-09-06 CVE-2006-4583 Code Injection vulnerability in Darrens 5-Dollar Script Archive Flashchat
Multiple PHP remote file inclusion vulnerabilities in FlashChat before 4.6.2 allow remote attackers to execute arbitrary PHP code via a URL in the dir[inc] parameter in (1) inc/cmses/aedatingCMS.php, (2) inc/cmses/aedatingCMS2.php, or (3) inc/cmses/aedating4CMS.php.
network
low complexity
darrens-5-dollar-script-archive CWE-94
7.5
2006-07-21 CVE-2006-3767 HTML Injection vulnerability in Osdate 1.1.5/1.1.6
Cross-site scripting (XSS) vulnerability in showprofile.php in Darren's $5 Script Archive osDate 1.1.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the onerror attribute in an HTML IMG tag with a non-existent source file in txtcomment parameter, which is used when posting a comment.
6.8
2006-07-21 CVE-2006-3766 Remote Security vulnerability in Osdate 1.1.5/1.1.6
Darren's $5 Script Archive osDate 1.1.7 and earlier allows users to boost their own ratings via a txtrating parameter with a score greater than the intended maximum of 10.
network
low complexity
darrens-5-dollar-script-archive
5.0