VYPR
← All vendors
Vendor

Orbitscripts

Products
4
CVEs
4
Across products
5
Status
Private

Products

4

Recent CVEs

4
  • CVE-2014-2540Apr 11, 2014
    risk 0.03cvss epss 0.02

    SQL injection vulnerability in OrbitScripts Orbit Open Ad Server before 1.1.1 allows remote attackers to execute arbitrary SQL commands via the site_directory_sort_field parameter to guest/site_directory.

  • CVE-2008-3152Jul 11, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in directory.php in SmartPPC and SmartPPC Pro allows remote attackers to execute arbitrary SQL commands via the idDirectory parameter.

  • CVE-2006-2140May 2, 2006
    risk 0.03cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in OrbitHYIP 2.0 and earlier allow remote attackers to inject arbitrary web script via the (1) referral parameter to signup.php or (2) id parameter to members.php.

  • CVE-2005-3814Nov 26, 2005
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in SmartPPC Pro allow remote attackers to inject arbitrary web script or HTML via the username parameter in (1) directory.php, (2) frames.php, and (3) search.php.