Vulnerabilities > Paid TO Read Script Project > Paid TO Read Script > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2017-12-20	CVE-2017-17778	Cross-site Scripting vulnerability in Paid to Read Script Project Paid to Read Script 2.0.5 Paid To Read Script 2.0.5 has XSS via the referrals.php tier parameter or the admin/userview.php uid parameter. network low complexity paid-to-read-script-project CWE-79	4.8
2017-12-20	CVE-2017-17776	Information Exposure vulnerability in Paid to Read Script Project Paid to Read Script 2.0.5 Paid To Read Script 2.0.5 has full path disclosure via an invalid admin/userview.php uid parameter. network low complexity paid-to-read-script-project CWE-200	5.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.