Clip Share
Products
1- 7 CVEs
Recent CVEs
7| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2008-7188 | 0.03 | — | 0.04 | Sep 9, 2009 | ClipShare 2.6 does not properly restrict access to certain functionality, which allows remote attackers to change the profile of arbitrary users via a modified uid variable to siteadmin/useredit.php. NOTE: this can be used to recover the password of the user by using the modified e-mail address in the email parameter to recoverpass.php. | ||
| CVE-2008-6173 | 0.03 | — | 0.00 | Feb 19, 2009 | Cross-site scripting (XSS) vulnerability in fullscreen.php in ClipShare Pro 4.0 allows remote attackers to inject arbitrary web script or HTML via the title parameter. | ||
| CVE-2008-5489 | 0.03 | — | 0.01 | Dec 12, 2008 | SQL injection vulnerability in channel_detail.php in ClipShare Pro 4, and 2006 through 2007, allows remote attackers to execute arbitrary SQL commands via the chid parameter. | ||
| CVE-2008-2793 | 0.03 | — | 0.00 | Jun 20, 2008 | SQL injection vulnerability in group_posts.php in ClipShare before 3.0.1 allows remote attackers to execute arbitrary SQL commands via the tid parameter. | ||
| CVE-2008-0089 | 0.03 | — | 0.01 | Jan 4, 2008 | SQL injection vulnerability in uprofile.php in ClipShare allows remote attackers to execute arbitrary SQL commands via the UID parameter. | ||
| CVE-2007-1430 | 0.03 | — | 0.02 | Mar 13, 2007 | PHP remote file inclusion vulnerability in include/adodb-connection.inc.php in ClipShare 1.5.3 allows remote attackers to execute arbitrary PHP code via a URL in the cmd parameter. | ||
| CVE-2014-8339 | 0.00 | — | 0.00 | Nov 4, 2014 | SQL injection vulnerability in midroll.php in Nuevolab Nuevoplayer for ClipShare 8.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ch parameter. |
- CVE-2008-7188Sep 9, 2009risk 0.03cvss —epss 0.04
ClipShare 2.6 does not properly restrict access to certain functionality, which allows remote attackers to change the profile of arbitrary users via a modified uid variable to siteadmin/useredit.php. NOTE: this can be used to recover the password of the user by using the modified e-mail address in the email parameter to recoverpass.php.
- CVE-2008-6173Feb 19, 2009risk 0.03cvss —epss 0.00
Cross-site scripting (XSS) vulnerability in fullscreen.php in ClipShare Pro 4.0 allows remote attackers to inject arbitrary web script or HTML via the title parameter.
- CVE-2008-5489Dec 12, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in channel_detail.php in ClipShare Pro 4, and 2006 through 2007, allows remote attackers to execute arbitrary SQL commands via the chid parameter.
- CVE-2008-2793Jun 20, 2008risk 0.03cvss —epss 0.00
SQL injection vulnerability in group_posts.php in ClipShare before 3.0.1 allows remote attackers to execute arbitrary SQL commands via the tid parameter.
- CVE-2008-0089Jan 4, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in uprofile.php in ClipShare allows remote attackers to execute arbitrary SQL commands via the UID parameter.
- CVE-2007-1430Mar 13, 2007risk 0.03cvss —epss 0.02
PHP remote file inclusion vulnerability in include/adodb-connection.inc.php in ClipShare 1.5.3 allows remote attackers to execute arbitrary PHP code via a URL in the cmd parameter.
- CVE-2014-8339Nov 4, 2014risk 0.00cvss —epss 0.00
SQL injection vulnerability in midroll.php in Nuevolab Nuevoplayer for ClipShare 8.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ch parameter.