VYPR
Vendor

Simplephpscripts

Products
11
CVEs
20
Across products
20
Status
Private

Products

11

Recent CVEs

20
  • CVE-2020-25475CriNov 24, 2020
    risk 0.64cvss 9.8epss 0.01

    SimplePHPscripts News Script PHP Pro 2.3 is affected by a SQL Injection via the id parameter in an editNews action.

  • CVE-2020-25473MedNov 24, 2020
    risk 0.42cvss 6.5epss 0.01

    SimplePHPscripts News Script PHP Pro 2.3 does not properly set the HttpOnly Flag from Session Cookies.

  • CVE-2020-25472MedNov 24, 2020
    risk 0.42cvss 6.5epss 0.01

    SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Request Forgery (CSRF) vulnerability, which allows attackers to add new users.

  • CVE-2020-25474MedNov 24, 2020
    risk 0.40cvss 6.1epss 0.01

    SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Scripting (XSS) vulnerability via the editor_name parameter.

  • CVE-2023-3540LowJul 7, 2023
    risk 0.23cvss 3.5epss 0.00

    A vulnerability, which was classified as problematic, was found in SimplePHPscripts NewsLetter Script PHP 2.4. Affected is an unknown function of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. It is possible to…

  • CVE-2023-3539LowJul 7, 2023
    risk 0.23cvss 3.5epss 0.00

    A vulnerability, which was classified as problematic, has been found in SimplePHPscripts Simple Forum PHP 2.7. This issue affects some unknown processing of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack…

  • CVE-2023-3538LowJul 7, 2023
    risk 0.23cvss 3.5epss 0.00

    A vulnerability classified as problematic was found in SimplePHPscripts Photo Gallery PHP 2.0. This vulnerability affects unknown code of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack can be initiated…

  • CVE-2023-3537LowJul 7, 2023
    risk 0.23cvss 3.5epss 0.00

    A vulnerability classified as problematic has been found in SimplePHPscripts News Script PHP Pro 2.4. This affects an unknown part of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. It is possible to initiate the…

  • CVE-2023-3536LowJul 7, 2023
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was found in SimplePHPscripts Funeral Script PHP 3.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The…

  • CVE-2023-3535LowJul 7, 2023
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was found in SimplePHPscripts FAQ Script PHP 2.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The…

  • CVE-2023-3476LowJun 30, 2023
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was found in SimplePHPscripts GuestBook Script 2.2. It has been classified as problematic. This affects an unknown part of the file preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. It is possible to initiate the…

  • CVE-2023-3475LowJun 30, 2023
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was found in SimplePHPscripts Event Script 2.1 and classified as problematic. Affected by this issue is some unknown functionality of the file preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack may be…

  • CVE-2023-3474LowJun 30, 2023
    risk 0.23cvss 3.5epss 0.00

    A vulnerability has been found in SimplePHPscripts Simple Blog 3.2 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack…

  • CVE-2023-3465LowJun 29, 2023
    risk 0.23cvss 3.5epss 0.01

    A vulnerability was found in SimplePHPscripts Classified Ads Script 1.8. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file user.php of the component HTTP POST Request Handler. The manipulation of the argument title leads…

  • CVE-2023-3464LowJun 29, 2023
    risk 0.23cvss 3.5epss 0.01

    A vulnerability was found in SimplePHPscripts Classified Ads Script 1.8. It has been classified as problematic. Affected is an unknown function of the file /preview.php of the component URL Parameter Handler. The manipulation of the argument p leads to cross site scripting. It…

  • CVE-2008-4803Oct 31, 2008
    risk 0.03cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in index.php in Simple PHP Scripts gallery 0.1, 0.3, and 0.4 allows remote attackers to inject arbitrary web script or HTML via the gallery parameter. NOTE: the provenance of this information is unknown; the details are obtained solely…

  • CVE-2006-0361Jan 22, 2006
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in addcomment.php in Bit 5 Blog 8.01 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in an tag in the comment parameter, which strips most tags but not .

  • CVE-2006-0320Jan 19, 2006
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in admin/processlogin.php in Bit 5 Blog 8.01 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password parameter.

  • CVE-2008-4802Oct 31, 2008
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in complete.php in Simple PHP Scripts blog 0.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party…

  • CVE-2007-2679May 15, 2007
    risk 0.00cvss epss 0.01

    PHP file inclusion vulnerability in index.php in Ivan Peevski gallery 0.3 in Simple PHP Scripts (sphp) allows remote attackers to execute arbitrary PHP code via a UNC share pathname or a local file pathname in the gallery parameter, which is accessed by the file_exists function.…