Vendor

6rbscript

Products

CVEs

Across products

Status

Private

Products

CVE	Vendor / Product	Risk	CVSS	EPSS	Published	Description
CVE-2008-6454	6rbscript 6rbscript	0.03	—	0.01	Mar 13, 2009	SQL injection vulnerability in section.php in 6rbScript 3.3 allows remote attackers to execute arbitrary SQL commands via the singerid parameter in a singers action.
CVE-2008-6453	6rbscript 6rbscript	0.03	—	0.02	Mar 13, 2009	Directory traversal vulnerability in section.php in 6rbScript 3.3, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter.
CVE-2008-4344	6rbscript 6rbscript	0.03	—	0.01	Sep 30, 2008	SQL injection vulnerability in cat.php in 6rbScript allows remote attackers to execute arbitrary SQL commands via the CatID parameter.

CVE-2008-6454Mar 13, 2009
6rbscript
6rbscript
risk 0.03cvss —epss 0.01
SQL injection vulnerability in section.php in 6rbScript 3.3 allows remote attackers to execute arbitrary SQL commands via the singerid parameter in a singers action.
CVE-2008-6453Mar 13, 2009
6rbscript
6rbscript
risk 0.03cvss —epss 0.02
Directory traversal vulnerability in section.php in 6rbScript 3.3, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter.
CVE-2008-4344Sep 30, 2008
6rbscript
6rbscript
risk 0.03cvss —epss 0.01
SQL injection vulnerability in cat.php in 6rbScript allows remote attackers to execute arbitrary SQL commands via the CatID parameter.