Vulnerabilities > Editeurscripts

DATE CVE VULNERABILITY TITLE RISK
2009-07-24 CVE-2008-6876 Cross-Site Scripting vulnerability in Editeurscripts Espartenaires 1.0
Cross-site scripting (XSS) vulnerability in login.php in EsPartenaires 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
4.3
2009-07-23 CVE-2009-2581 Cross-Site Scripting vulnerability in Editeurscripts Esnews 1.2
Cross-site scripting (XSS) vulnerability in modifier.php in EditeurScripts EsNews 1.2 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
4.3
2009-07-23 CVE-2008-6868 Cross-Site Scripting vulnerability in Editeurscripts Esbaseadmin 2.1
Cross-site scripting (XSS) vulnerability in default/login.php in EditeurScripts EsBaseAdmin 2.1 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
4.3
2009-01-30 CVE-2008-6016 SQL Injection vulnerability in Editeurscripts Esfaq 2.0
SQL injection vulnerability in questions.php in EsFaq 2.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2008-3952.
network
low complexity
editeurscripts CWE-89
7.5
2009-01-30 CVE-2008-6015 SQL Injection vulnerability in Editeurscripts Esfaq 2.0
Multiple SQL injection vulnerabilities in search.php in EsFaq 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) keywords and (2) cat parameters.
network
low complexity
editeurscripts CWE-89
7.5
2008-04-30 CVE-2008-2037 Cross-Site Scripting vulnerability in Editeurscripts Escontacts 1.0
Multiple cross-site scripting (XSS) vulnerabilities in EditeurScripts EsContacts 1.0 allow remote authenticated users to inject arbitrary web script or HTML via the msg parameter to (1) login.php, (2) importer.php, (3) add_groupe.php, (4) contacts.php, (5) groupes.php, and (6) search.php.
3.5