Vulnerabilities > Paid TO Read Script Project > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-12-20 CVE-2017-17779 SQL Injection vulnerability in Paid to Read Script Project Paid to Read Script 2.0.5
Paid To Read Script 2.0.5 has SQL injection via the referrals.php id parameter.
network
low complexity
paid-to-read-script-project CWE-89
critical
 9.8
9.8
2017-12-20 CVE-2017-17777 Improper Authentication vulnerability in Paid to Read Script Project Paid to Read Script 2.0.5
Paid To Read Script 2.0.5 has authentication bypass in the admin panel via a direct request, as demonstrated by the admin/viewvisitcamp.php fn parameter and the admin/userview.php uid parameter.
network
low complexity
paid-to-read-script-project CWE-287
critical
 9.8
9.8
2017-12-18 CVE-2017-17651 SQL Injection vulnerability in Paid to Read Script Project Paid to Read Script 2.0.5
Paid To Read Script 2.0.5 has SQL Injection via the admin/userview.php uid parameter, the admin/viewemcamp.php fnum parameter, or the admin/viewvisitcamp.php fn parameter.
network
low complexity
paid-to-read-script-project CWE-89
critical
 9.8
9.8