Vulnerabilities > Idevspot

DATE CVE VULNERABILITY TITLE RISK
2007-07-30 CVE-2007-4094 Remote Security vulnerability in PHPHostBot
PHP remote file inclusion vulnerability in library/authorize.php in IDevSpot PhpHostBot allows remote attackers to execute arbitrary PHP code via a URL in the login_form parameter, a different vector than CVE-2006-3776.
network
low complexity
idevspot
7.5
2006-09-19 CVE-2006-4894 Cross-Site Scripting vulnerability in Idevspot Nixieaffiliate 1.9
Cross-site scripting (XSS) vulnerability in forms/lostpassword.php in iDevSpot NixieAffiliate 1.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter.
network
idevspot
4.3
2006-09-19 CVE-2006-4895 Authentication Bypass vulnerability in Idevspot Nixieaffiliate 1.9
IDevSpot NexieAffiliate 1.9 and earlier allows remote attackers to delete arbitrary affiliates via a modified id parameter to delete.php.
network
low complexity
idevspot
7.5
2006-09-19 CVE-2006-4883 Cross-Site Scripting vulnerability in IDevSpot BizDirectory
Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot BizDirectory allow remote attackers to inject arbitrary web script or HTML via (1) the stylesheet parameter in Feed.php or (2) the message parameter in status.php.
network
idevspot
4.3
2006-09-19 CVE-2006-4884 Cross-Site Scripting vulnerability in Idevspot Isupport 1.8
Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot iSupport 1.8 allow remote attackers to inject arbitrary web script or HTML via (1) the suser parameter in support/rightbar.php, (2) the ticket_id parameter in support/open_tickets.php, and (3) the cons_page_title parameter in index.php.
network
idevspot
4.3
2006-09-13 CVE-2006-4741 Input Validation vulnerability in Idevspot PHPlinkexchange 1.0
PHP remote file inclusion vulnerability in bits_listings.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to execute arbitrary code via the svr_rootPhpStart parameter.
network
low complexity
idevspot
7.5
2006-09-13 CVE-2006-4742 Input Validation vulnerability in Idevspot PHPlinkexchange 1.0
Cross-site scripting (XSS) vulnerability in user_add.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
network
idevspot
4.3
2006-09-13 CVE-2006-4747 Cross-Site Scripting vulnerability in IDevSpot TextAds
Multiple cross-site scripting (XSS) vulnerabilities in IdevSpot TextAds allow remote attackers to inject arbitrary web script or HTML via (1) the id parameter in delete.php and (2) the error parameter in error.php.
network
idevspot
4.3
2006-07-24 CVE-2006-3776 Code Injection vulnerability in Idevspot Autohost and PHPhostbot
PHP remote file inclusion vulnerability in order/index.php in IDevSpot (1) PhpHostBot 1.0 and (2) AutoHost 3.0 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.
network
low complexity
idevspot CWE-94
7.5
2006-07-24 CVE-2006-3777 Code Injection vulnerability in Idevspot PHPlinkexchange 1.0
PHP remote file inclusion vulnerability in index.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.
network
low complexity
idevspot CWE-94
7.5