Vulnerabilities > Scriptsez > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-02-02 | CVE-2012-0983 | SQL Injection vulnerability in Scriptsez EZ Album SQL injection vulnerability in Scriptsez.net Ez Album allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. | 7.5 |
| 2010-03-10 | CVE-2009-4683 | Path Traversal vulnerability in Scriptsez Good/Bad Vote Directory traversal vulnerability in vote.php in Good/Bad Vote allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the id parameter in a dovote action. | 7.5 |
| 2007-01-26 | CVE-2007-0518 | Information Disclosure vulnerability in Smart PHP Subscriber Scriptsez Smart PHP Subscriber (aka subscribe) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain encoded passwords via a direct request for pwd.txt. | 7.5 |
| 2007-01-26 | CVE-2007-0517 | Information Disclosure vulnerability in Scriptsez Random PHP Quote 1.0 Scriptsez Random PHP Quote 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password information via a direct request for pwd.txt. | 7.5 |