Vulnerabilities > Powerscripts
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-02-23 | CVE-2009-0707 | SQL Injection vulnerability in Powerscripts Powerclan 1.14A SQL injection vulnerability in admin/index.php in PowerClan 1.14a allows remote attackers to execute arbitrary SQL commands via the loginemail parameter (aka login field). | 7.5 |
2009-02-23 | CVE-2009-0705 | SQL Injection vulnerability in Powerscripts Powernews 2.5.4 SQL injection vulnerability in news.php in PowerScripts PowerNews 2.5.4, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the newsid parameter. | 6.8 |
2008-03-28 | CVE-2008-1537 | Path Traversal vulnerability in Powerscripts Powerbook 1.21 Directory traversal vulnerability in pb_inc/admincenter/index.php in PowerScripts PowerBook 1.21 allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2008-03-28 | CVE-2008-1534 | Path Traversal vulnerability in Powerscripts Powerphpboard 1.00B Multiple directory traversal vulnerabilities in PowerPHPBoard 1.00b allow remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2008-02-13 | CVE-2008-0742 | Path Traversal vulnerability in Powerscripts Powernews 2.5.6 Multiple directory traversal vulnerabilities in PowerScripts PowerNews 2.5.6 allow remote attackers to read and include arbitrary files via a .. | 7.5 |
2006-12-23 | CVE-2006-6715 | Remote File Include vulnerability in PowerClan Footer.Inc.PHP PHP remote file inclusion vulnerability in footer.inc.php in PowerClan 1.14a and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the settings[footer] parameter. | 5.1 |
2006-04-18 | CVE-2006-1805 | SQL Injection vulnerability in Powerscripts Powerclan 1.14 SQL injection vulnerability in member.php in PowerClan 1.14 allows remote attackers to execute arbitrary SQL commands via the memberid parameter. | 7.5 |
2000-01-11 | CVE-2000-0074 | Unspecified vulnerability in Powerscripts Plusmail PowerScripts PlusMail CGI program allows remote attackers to execute commands via a password file with improper permissions. | 7.5 |