VYPR

Hot Links SQL PHP

by Mrcgiguy

CVEs (6)

  • CVE-2008-7120Aug 28, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier allows remote attackers to execute arbitrary SQL commands via the news.php parameter.

  • CVE-2008-4379Oct 1, 2008
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter.

  • CVE-2008-4378Oct 1, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

  • CVE-2006-7086Mar 2, 2007
    risk 0.03cvss epss 0.03

    The (1) dlback.php and (2) dlback.cgi scripts in Hot Links allow remote attackers to obtain sensitive information and download the database via a direct request with a modified dl parameter.

  • CVE-2008-7121Aug 28, 2009
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the search bar.

  • CVE-2005-4041Dec 6, 2005
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in search.cgi in MR CGI Guy Hot Links SQL 3.1.x and Hot Links Pro 3.1.x allows remote attackers to inject arbitrary web script or HTML via the query string.