VYPR

Star Rating System Script

by Hiox India

CVEs (2)

  • CVE-2006-6156Nov 28, 2006
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in auth/message.php in HIOX Star Rating System Script (HSRS) 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string (PHP_SELF). NOTE: The provenance of this information is unknown; the details…

  • CVE-2006-6155Nov 28, 2006
    risk 0.00cvss epss 0.01

    Multiple SQL injection vulnerabilities in addrating.php in HIOX Star Rating System Script (HSRS) 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ipadd or (2) url parameter. NOTE: The provenance of this information is unknown; the details are…