Vulnerabilities > Vscripts > Vbook > 2.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-03-31 | CVE-2006-1563 | Remote Security vulnerability in Vscripts Vbook 2.0 Direct static code injection vulnerability in config.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allows remote administrators to execute arbitrary PHP code into the config file, which is included other [V]Book scripts. | 7.6 |
2006-03-31 | CVE-2006-1562 | Cross-Site Scripting vulnerability in Vscripts Vbook 2.0 Multiple cross-site scripting (XSS) vulnerabilities in index.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) autor, (2) www, (3) temat, and (4) tresc parameters. network vscripts | 6.8 |
2006-03-31 | CVE-2006-1561 | SQL Injection vulnerability in Vscripts Vbook 2.0 SQL injection vulnerability in index.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allows remote attackers to execute arbitrary SQL commands via the x parameter. | 5.1 |