Vulnerabilities > Scripts4You
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-12-01 | CVE-2008-5290 | Cross-Site Scripting vulnerability in Scripts4You Clean CMS 1.5 Cross-site scripting (XSS) vulnerability in full_txt.php in Werner Hilversum Clean CMS 1.5 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | 4.3 |
2008-12-01 | CVE-2008-5289 | SQL Injection vulnerability in Scripts4You Clean CMS 1.5 SQL injection vulnerability in full_txt.php in Werner Hilversum Clean CMS 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2008-12-01 | CVE-2008-5288 | Code Injection vulnerability in Scripts4You FAQ Manager 1.2 PHP remote file inclusion vulnerability in include/header.php in Werner Hilversum FAQ Manager 1.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the config_path parameter. | 6.8 |
2008-12-01 | CVE-2008-5287 | SQL Injection vulnerability in Scripts4You FAQ Manager 1.2 SQL injection vulnerability in catagorie.php in Werner Hilversum FAQ Manager 1.2 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | 7.5 |