Hot Links SQL PHP
by Mrcgiguy
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-7120 | 0.03 | — | 0.01 | Aug 28, 2009 | SQL injection vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier allows remote attackers to execute arbitrary SQL commands via the news.php parameter. | |||
| CVE-2008-4379 | 0.03 | — | 0.02 | Oct 1, 2008 | Cross-site scripting (XSS) vulnerability in report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter. | |||
| CVE-2008-4378 | 0.03 | — | 0.01 | Oct 1, 2008 | SQL injection vulnerability in report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||
| CVE-2006-7086 | 0.03 | — | 0.03 | Mar 2, 2007 | The (1) dlback.php and (2) dlback.cgi scripts in Hot Links allow remote attackers to obtain sensitive information and download the database via a direct request with a modified dl parameter. | |||
| CVE-2008-7121 | 0.00 | — | 0.01 | Aug 28, 2009 | Cross-site scripting (XSS) vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the search bar. | |||
| CVE-2005-4041 | 0.00 | — | 0.01 | Dec 6, 2005 | Cross-site scripting (XSS) vulnerability in search.cgi in MR CGI Guy Hot Links SQL 3.1.x and Hot Links Pro 3.1.x allows remote attackers to inject arbitrary web script or HTML via the query string. |
- CVE-2008-7120Aug 28, 2009risk 0.03cvss —epss 0.01
SQL injection vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier allows remote attackers to execute arbitrary SQL commands via the news.php parameter.
- CVE-2008-4379Oct 1, 2008risk 0.03cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter.
- CVE-2008-4378Oct 1, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
- CVE-2006-7086Mar 2, 2007risk 0.03cvss —epss 0.03
The (1) dlback.php and (2) dlback.cgi scripts in Hot Links allow remote attackers to obtain sensitive information and download the database via a direct request with a modified dl parameter.
- CVE-2008-7121Aug 28, 2009risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the search bar.
- CVE-2005-4041Dec 6, 2005risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in search.cgi in MR CGI Guy Hot Links SQL 3.1.x and Hot Links Pro 3.1.x allows remote attackers to inject arbitrary web script or HTML via the query string.