Vulnerabilities > Easy Script

DATE CVE VULNERABILITY TITLE RISK
2009-02-19 CVE-2008-6165 SQL Injection vulnerability in Easy-Script Cspartner 0.1
SQL injection vulnerability in gestion.php in CSPartner 0.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the (1) pseudo and (2) passe parameters.
6.8
2008-12-03 CVE-2008-5323 Cross-Site Scripting vulnerability in Easy-Script Wysi Wiki WYG 1.0
Cross-site scripting (XSS) vulnerability in index.php in Wysi Wiki Wyg 1.0 allows remote attackers to inject arbitrary web script or HTML via the s parameter.
4.3
2008-12-03 CVE-2008-5322 Information Exposure vulnerability in Easy-Script Wysi Wiki WYG 1.0
Wysi Wiki Wyg 1.0 allows remote attackers to obtain system information via an invalid categup parameter to index.php, which calls the phpinfo function.
network
low complexity
easy-script CWE-200
7.8
2008-11-13 CVE-2008-5065 Improper Authentication vulnerability in Easy-Script Tlguesbook 1.2
TlGuestBook 1.2 allows remote attackers to bypass authentication and gain administrative access by setting the tlGuestBook_login cookie to admin.
network
low complexity
easy-script CWE-287
7.5
2008-10-29 CVE-2008-4783 Improper Authentication vulnerability in Easy-Script Tlads 1.0
tlAds 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the tlAds_login cookie to "admin."
network
low complexity
easy-script CWE-287
7.5
2008-10-29 CVE-2008-4781 Path Traversal vulnerability in Easy-Script Myktools 2.4
Directory traversal vulnerability in update.php in MyKtools 2.4 allows remote attackers to include and execute arbitrary local files via a ..
network
low complexity
easy-script CWE-22
7.5
2008-10-29 CVE-2008-4780 Path Traversal vulnerability in Easy-Script Myforum 1.3
Directory traversal vulnerability in admin/centre.php in MyForum 1.3, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the padmin parameter.
6.8
2008-07-30 CVE-2008-3388 SQL Injection vulnerability in Easy-Script DEF Blog 1.0.3
Multiple SQL injection vulnerabilities in Def-Blog 1.0.3 allow remote attackers to execute arbitrary SQL commands via the article parameter to (1) comaddok.php and (2) comlook.php.
network
low complexity
easy-script CWE-89
7.5
2008-07-17 CVE-2008-3205 Path Traversal vulnerability in Easy-Script Wysi Wiki WYG 1.0
Directory traversal vulnerability in index.php in Easy-Script Wysi Wiki Wyg 1.0 allows remote attackers to read arbitrary files via a ..
network
low complexity
easy-script CWE-22
5.0
2008-07-17 CVE-2008-3200 SQL Injection vulnerability in Easy-Script Avlc Forum
SQL injection vulnerability in vlc_forum.php in Avlc Forum as of 20080715 allows remote attackers to execute arbitrary SQL commands via the id parameter in an affich_message action.
network
low complexity
easy-script CWE-89
7.5