Adultscriptpro
by Adultscript
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-15959 | Cri | 0.67 | 9.8 | 0.02 | Oct 29, 2017 | Adult Script Pro 2.2.4 allows SQL Injection via the PATH_INFO to a /download URI, a different vulnerability than CVE-2007-6576. | ||
| CVE-2007-6576 | 0.03 | — | 0.01 | Dec 28, 2007 | Multiple SQL injection vulnerabilities in Adult Script 1.6.5 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) videolink_count.php or (2) links.php. | |||
| CVE-2007-6414 | 0.03 | — | 0.04 | Dec 17, 2007 | admin/administrator.php in Adult Script 1.6 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to bypass authentication and obtain administrative credentials via a direct request. NOTE: this can be leveraged for arbitrary code… |
- risk 0.67cvss 9.8epss 0.02
Adult Script Pro 2.2.4 allows SQL Injection via the PATH_INFO to a /download URI, a different vulnerability than CVE-2007-6576.
- CVE-2007-6576Dec 28, 2007risk 0.03cvss —epss 0.01
Multiple SQL injection vulnerabilities in Adult Script 1.6.5 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) videolink_count.php or (2) links.php.
- CVE-2007-6414Dec 17, 2007risk 0.03cvss —epss 0.04
admin/administrator.php in Adult Script 1.6 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to bypass authentication and obtain administrative credentials via a direct request. NOTE: this can be leveraged for arbitrary code…