Vulnerabilities > Editeurscripts
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-07-24 | CVE-2008-6876 | Cross-Site Scripting vulnerability in Editeurscripts Espartenaires 1.0 Cross-site scripting (XSS) vulnerability in login.php in EsPartenaires 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | 4.3 |
2009-07-23 | CVE-2009-2581 | Cross-Site Scripting vulnerability in Editeurscripts Esnews 1.2 Cross-site scripting (XSS) vulnerability in modifier.php in EditeurScripts EsNews 1.2 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | 4.3 |
2009-07-23 | CVE-2008-6868 | Cross-Site Scripting vulnerability in Editeurscripts Esbaseadmin 2.1 Cross-site scripting (XSS) vulnerability in default/login.php in EditeurScripts EsBaseAdmin 2.1 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | 4.3 |
2009-01-30 | CVE-2008-6016 | SQL Injection vulnerability in Editeurscripts Esfaq 2.0 SQL injection vulnerability in questions.php in EsFaq 2.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2008-3952. | 7.5 |
2009-01-30 | CVE-2008-6015 | SQL Injection vulnerability in Editeurscripts Esfaq 2.0 Multiple SQL injection vulnerabilities in search.php in EsFaq 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) keywords and (2) cat parameters. | 7.5 |
2008-04-30 | CVE-2008-2037 | Cross-Site Scripting vulnerability in Editeurscripts Escontacts 1.0 Multiple cross-site scripting (XSS) vulnerabilities in EditeurScripts EsContacts 1.0 allow remote authenticated users to inject arbitrary web script or HTML via the msg parameter to (1) login.php, (2) importer.php, (3) add_groupe.php, (4) contacts.php, (5) groupes.php, and (6) search.php. | 3.5 |