Vulnerabilities > Paid TO Read Script Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-12-20 | CVE-2017-17779 | SQL Injection vulnerability in Paid TO Read Script Project Paid TO Read Script 2.0.5 Paid To Read Script 2.0.5 has SQL injection via the referrals.php id parameter. | 7.5 |
2017-12-20 | CVE-2017-17778 | Cross-site Scripting vulnerability in Paid TO Read Script Project Paid TO Read Script 2.0.5 Paid To Read Script 2.0.5 has XSS via the referrals.php tier parameter or the admin/userview.php uid parameter. | 3.5 |
2017-12-20 | CVE-2017-17777 | Improper Authentication vulnerability in Paid TO Read Script Project Paid TO Read Script 2.0.5 Paid To Read Script 2.0.5 has authentication bypass in the admin panel via a direct request, as demonstrated by the admin/viewvisitcamp.php fn parameter and the admin/userview.php uid parameter. | 7.5 |
2017-12-20 | CVE-2017-17776 | Information Exposure vulnerability in Paid TO Read Script Project Paid TO Read Script 2.0.5 Paid To Read Script 2.0.5 has full path disclosure via an invalid admin/userview.php uid parameter. | 5.0 |
2017-12-18 | CVE-2017-17651 | SQL Injection vulnerability in Paid TO Read Script Project Paid TO Read Script 2.0.5 Paid To Read Script 2.0.5 has SQL Injection via the admin/userview.php uid parameter, the admin/viewemcamp.php fnum parameter, or the admin/viewvisitcamp.php fn parameter. | 7.5 |