Vulnerabilities > Phpkobo > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-09-28 CVE-2023-41446 Cross-site Scripting vulnerability in PHPkobo Ajaxnewsticker 1.0.5
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted script to the title parameter in the index.php component.
network
low complexity
phpkobo CWE-79
6.1
6.1
2023-09-28 CVE-2023-41447 Cross-site Scripting vulnerability in PHPkobo Ajaxnewsticker 1.0.5
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the subcmd parameter in the index.php component.
network
low complexity
phpkobo CWE-79
6.1
6.1
2023-09-27 CVE-2023-41445 Cross-site Scripting vulnerability in PHPkobo Ajaxnewsticker 1.0.5
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the index.php component.
network
low complexity
phpkobo CWE-79
6.1
6.1
2023-09-27 CVE-2023-41448 Cross-site Scripting vulnerability in PHPkobo Ajaxnewsticker 1.0.5
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the ID parameter in the index.php component.
network
low complexity
phpkobo CWE-79
6.1
6.1
2023-09-27 CVE-2023-41451 Cross-site Scripting vulnerability in PHPkobo Ajaxnewsticker 1.0.5
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component.
network
low complexity
phpkobo CWE-79
6.1
6.1
2023-09-27 CVE-2023-41453 Cross-site Scripting vulnerability in PHPkobo Ajaxnewsticker 1.0.5
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the cmd parameter in the index.php component.
network
low complexity
phpkobo CWE-79
6.1
6.1
2010-03-23 CVE-2010-1063 Path Traversal vulnerability in PHPkobo Free Real Estate Contact Form Script 1.09
Multiple directory traversal vulnerabilities in Phpkobo Free Real Estate Contact Form 1.09, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the LANG_CODE parameter to (1) codelib/cfg/common.inc.php, (2) form/app/common.inc.php, and (3) staff/app/common.inc.php.
network
phpkobo CWE-22
6.8
6.8
2010-03-23 CVE-2010-1062 Path Traversal vulnerability in PHPkobo Free Real Estate Contact Form Script 1.09
Directory traversal vulnerability in codelib/sys/common.inc.php in Phpkobo Free Real Estate Contact Form 1.09, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a ..
network
phpkobo CWE-22
6.8
6.8
2010-03-23 CVE-2010-1061 Path Traversal vulnerability in PHPkobo Short URL 1.01
Multiple directory traversal vulnerabilities in Phpkobo Short URL 1.01, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the LANG_CODE parameter to (1) url/app/common.inc.php and (2) codelib/cfg/common.inc.php.
network
phpkobo CWE-22
6.8
6.8
2010-03-23 CVE-2010-1060 Path Traversal vulnerability in PHPkobo Short URL 1.01
Directory traversal vulnerability in staff/app/common.inc.php in Phpkobo Short URL 1.01, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a ..
network
phpkobo CWE-22
6.8
6.8