VYPR
Vendor

Scriptsfrenzy

Products
2
CVEs
5
Across products
5
Status
Private

Products

2

Recent CVEs

5
  • CVE-2008-5075Nov 14, 2008
    risk 0.03cvss epss 0.01

    Multiple SQL injection vulnerabilities in E-Uploader Pro 1.0 (aka Uploader PRO), when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) img.php, (b) file.php, (c) mail.php, (d) thumb.php, (e) zip.php, and (f)…

  • CVE-2008-4902Nov 4, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in contact_author.php in Article Publisher Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the userid parameter.

  • CVE-2008-4901Nov 4, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in admin/admin.php in Article Publisher Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the username parameter.

  • CVE-2006-6694Dec 21, 2006
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in include/config.php in E-Uploader Pro 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a .. (dot dot) in the language parameter, as demonstrated by uploading a .JPG file containing PHP code, then accessing the file via…

  • CVE-2006-1852Apr 19, 2006
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in category.php in Article Publisher Pro 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cname parameter.