VYPR

Shoutbox

by Knusperleicht

CVEs (3)

  • CVE-2006-6721Dec 23, 2006
    risk 0.03cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in shout.php in Knusperleicht ShoutBox 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) sbNick or (2) sbKommentar parameter.

  • CVE-2006-3989Aug 5, 2006
    risk 0.03cvss epss 0.03

    PHP remote file inclusion vulnerability in index.php in Knusperleicht Shoutbox 4.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sb_include_path parameter.

  • CVE-2005-1220May 2, 2005
    risk 0.00cvss epss 0.02

    Shoutbox SCRIPT 3.0.2 and earlier allows remote attackers to obtain sensitive information via a direct request to db/settings.dat, which displays usernames and password hashes.