1scripts
Products
3- 3 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-6392 | 0.03 | — | 0.01 | Mar 2, 2009 | SQL injection vulnerability in showads.php in Z1Exchange allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||
| CVE-2008-6386 | 0.03 | — | 0.01 | Mar 2, 2009 | Cross-site scripting (XSS) vulnerability in showads.php in Z1Exchange 1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | |||
| CVE-2008-6284 | 0.03 | — | 0.01 | Feb 25, 2009 | SQL injection vulnerability in edit.php in Z1Exchange 1.0 allows remote attackers to execute arbitrary SQL commands via the site parameter. | |||
| CVE-2008-3190 | 0.03 | — | 0.02 | Jul 16, 2008 | Directory traversal vulnerability in list.php in 1Scripts CodeDB 1.1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. | |||
| CVE-2008-2638 | 0.03 | — | 0.04 | Jun 10, 2008 | Static code injection vulnerability in guestbook.php in 1Book 1.0.1 and earlier allows remote attackers to upload arbitrary PHP code via the message parameter in an HTML webform, which is written to data.php. |
- CVE-2008-6392Mar 2, 2009risk 0.03cvss —epss 0.01
SQL injection vulnerability in showads.php in Z1Exchange allows remote attackers to execute arbitrary SQL commands via the id parameter.
- CVE-2008-6386Mar 2, 2009risk 0.03cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in showads.php in Z1Exchange 1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
- CVE-2008-6284Feb 25, 2009risk 0.03cvss —epss 0.01
SQL injection vulnerability in edit.php in Z1Exchange 1.0 allows remote attackers to execute arbitrary SQL commands via the site parameter.
- CVE-2008-3190Jul 16, 2008risk 0.03cvss —epss 0.02
Directory traversal vulnerability in list.php in 1Scripts CodeDB 1.1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
- CVE-2008-2638Jun 10, 2008risk 0.03cvss —epss 0.04
Static code injection vulnerability in guestbook.php in 1Book 1.0.1 and earlier allows remote attackers to upload arbitrary PHP code via the message parameter in an HTML webform, which is written to data.php.