Knusperleicht
Products
7- 3 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
10| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-6721 | 0.03 | — | 0.02 | Dec 23, 2006 | Multiple cross-site scripting (XSS) vulnerabilities in shout.php in Knusperleicht ShoutBox 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) sbNick or (2) sbKommentar parameter. | |||
| CVE-2006-4007 | 0.03 | — | 0.03 | Aug 7, 2006 | PHP remote file inclusion vulnerability in index.php in Knusperleicht Guestbook 3.5 allows remote attackers to execute arbitrary PHP code via a URL in the GB_PATH parameter. | |||
| CVE-2006-4008 | 0.03 | — | 0.03 | Aug 7, 2006 | PHP remote file inclusion vulnerability in index.php in Knusperleicht Faq 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the faq_path parameter. | |||
| CVE-2006-3986 | 0.03 | — | 0.03 | Aug 5, 2006 | PHP remote file inclusion vulnerability in index.php in Knusperleicht Newsletter 3.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the NL_PATH parameter. | |||
| CVE-2006-3988 | 0.03 | — | 0.03 | Aug 5, 2006 | PHP remote file inclusion vulnerability in index.php in Knusperleicht newsReporter 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the news_include_path parameter. | |||
| CVE-2006-3982 | 0.03 | — | 0.03 | Aug 5, 2006 | PHP remote file inclusion vulnerability in quickie.php in Knusperleicht Quickie, probably 0.2, allows remote attackers to execute arbitrary PHP code via a URL in the QUICK_PATH parameter. | |||
| CVE-2006-3987 | 0.03 | — | 0.03 | Aug 5, 2006 | Multiple PHP remote file inclusion vulnerabilities in index.php in Knusperleicht FileManager 1.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) dwl_download_path or (2) dwl_include_path parameters. | |||
| CVE-2006-3989 | 0.03 | — | 0.03 | Aug 5, 2006 | PHP remote file inclusion vulnerability in index.php in Knusperleicht Shoutbox 4.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sb_include_path parameter. | |||
| CVE-2005-3199 | 0.00 | — | 0.01 | Oct 14, 2005 | Multiple SQL injection vulnerabilities in aradmin.asp for aspReady FAQ allow remote attackers to execute arbitrary SQL commands, possibly via the (1) txtLogin and (2) txtPassword parameters. | |||
| CVE-2005-1220 | 0.00 | — | 0.02 | May 2, 2005 | Shoutbox SCRIPT 3.0.2 and earlier allows remote attackers to obtain sensitive information via a direct request to db/settings.dat, which displays usernames and password hashes. |
- CVE-2006-6721Dec 23, 2006risk 0.03cvss —epss 0.02
Multiple cross-site scripting (XSS) vulnerabilities in shout.php in Knusperleicht ShoutBox 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) sbNick or (2) sbKommentar parameter.
- CVE-2006-4007Aug 7, 2006risk 0.03cvss —epss 0.03
PHP remote file inclusion vulnerability in index.php in Knusperleicht Guestbook 3.5 allows remote attackers to execute arbitrary PHP code via a URL in the GB_PATH parameter.
- CVE-2006-4008Aug 7, 2006risk 0.03cvss —epss 0.03
PHP remote file inclusion vulnerability in index.php in Knusperleicht Faq 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the faq_path parameter.
- CVE-2006-3986Aug 5, 2006risk 0.03cvss —epss 0.03
PHP remote file inclusion vulnerability in index.php in Knusperleicht Newsletter 3.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the NL_PATH parameter.
- CVE-2006-3988Aug 5, 2006risk 0.03cvss —epss 0.03
PHP remote file inclusion vulnerability in index.php in Knusperleicht newsReporter 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the news_include_path parameter.
- CVE-2006-3982Aug 5, 2006risk 0.03cvss —epss 0.03
PHP remote file inclusion vulnerability in quickie.php in Knusperleicht Quickie, probably 0.2, allows remote attackers to execute arbitrary PHP code via a URL in the QUICK_PATH parameter.
- CVE-2006-3987Aug 5, 2006risk 0.03cvss —epss 0.03
Multiple PHP remote file inclusion vulnerabilities in index.php in Knusperleicht FileManager 1.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) dwl_download_path or (2) dwl_include_path parameters.
- CVE-2006-3989Aug 5, 2006risk 0.03cvss —epss 0.03
PHP remote file inclusion vulnerability in index.php in Knusperleicht Shoutbox 4.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sb_include_path parameter.
- CVE-2005-3199Oct 14, 2005risk 0.00cvss —epss 0.01
Multiple SQL injection vulnerabilities in aradmin.asp for aspReady FAQ allow remote attackers to execute arbitrary SQL commands, possibly via the (1) txtLogin and (2) txtPassword parameters.
- CVE-2005-1220May 2, 2005risk 0.00cvss —epss 0.02
Shoutbox SCRIPT 3.0.2 and earlier allows remote attackers to obtain sensitive information via a direct request to db/settings.dat, which displays usernames and password hashes.