Vulnerabilities > Scripts4You

DATE CVE VULNERABILITY TITLE RISK
2008-12-01 CVE-2008-5290 Cross-Site Scripting vulnerability in Scripts4You Clean CMS 1.5
Cross-site scripting (XSS) vulnerability in full_txt.php in Werner Hilversum Clean CMS 1.5 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
4.3
2008-12-01 CVE-2008-5289 SQL Injection vulnerability in Scripts4You Clean CMS 1.5
SQL injection vulnerability in full_txt.php in Werner Hilversum Clean CMS 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
network
low complexity
scripts4you CWE-89
7.5
2008-12-01 CVE-2008-5288 Code Injection vulnerability in Scripts4You FAQ Manager 1.2
PHP remote file inclusion vulnerability in include/header.php in Werner Hilversum FAQ Manager 1.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the config_path parameter.
6.8
2008-12-01 CVE-2008-5287 SQL Injection vulnerability in Scripts4You FAQ Manager 1.2
SQL injection vulnerability in catagorie.php in Werner Hilversum FAQ Manager 1.2 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
network
low complexity
scripts4you CWE-89
7.5