VYPR
Vendor

Article Directory

Products
1
CVEs
6
Across products
6
Status
Private

Products

1

Recent CVEs

6
  • CVE-2017-15960CriOct 29, 2017
    risk 0.67cvss 9.8epss 0.02

    Article Directory Script 3.0 allows SQL Injection via the id parameter to author.php or category.php.

  • CVE-2009-2397Jul 9, 2009
    risk 0.03cvss epss 0.03

    Directory traversal vulnerability in download.php in Audio Article Directory allows remote attackers to read arbitrary files via directory traversal sequences in the file parameter.

  • CVE-2009-2236Jun 27, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in yad-admin/login.php in Your Article Directory allows remote attackers to execute arbitrary SQL commands via the txtAdminEmail parameter. NOTE: some of these details are obtained from third party information.

  • CVE-2007-4007Jul 26, 2007
    risk 0.03cvss epss 0.03

    PHP remote file inclusion vulnerability in index.php in Article Directory (Article Site Directory) allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.

  • CVE-2023-30751Aug 14, 2023
    risk 0.00cvss epss 0.00

    Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in iControlWP Article Directory Redux plugin <= 1.0.2 versions.

  • CVE-2023-0422Apr 10, 2023
    risk 0.00cvss epss 0.00

    The Article Directory WordPress plugin through 1.3 does not properly sanitize the `publish_terms_text` setting before displaying it in the administration panel, which may enable administrators to conduct Stored XSS attacks in multisite contexts.