Rateme

CVEs (3)

CVE	Risk	CVSS	EPSS	Published	Description
CVE-2006-6648	0.03	—	0.02	Dec 20, 2006	PHP remote file inclusion vulnerability in main.inc.php in planetluc.com RateMe 1.3.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pathtoscript parameter.
CVE-2008-4899	0.00	—	0.00	Nov 4, 2008	Cross-site request forgery (CSRF) vulnerability in Planetluc RateMe 1.3.3 allows remote attackers to perform unauthorized actions as other users via unspecified vectors.
CVE-2008-4898	0.00	—	0.00	Nov 4, 2008	Cross-site scripting (XSS) vulnerability in planetluc RateMe 1.3.3 allows remote attackers to inject arbitrary web script or HTML via the rate parameter in a submit rate action.

CVE-2006-6648Dec 20, 2006
risk 0.03cvss —epss 0.02
PHP remote file inclusion vulnerability in main.inc.php in planetluc.com RateMe 1.3.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pathtoscript parameter.
CVE-2008-4899Nov 4, 2008
risk 0.00cvss —epss 0.00
Cross-site request forgery (CSRF) vulnerability in Planetluc RateMe 1.3.3 allows remote attackers to perform unauthorized actions as other users via unspecified vectors.
CVE-2008-4898Nov 4, 2008
risk 0.00cvss —epss 0.00
Cross-site scripting (XSS) vulnerability in planetluc RateMe 1.3.3 allows remote attackers to inject arbitrary web script or HTML via the rate parameter in a submit rate action.