CVE Tools

comscripts

Web & CMS Pluginsunknown

19

Cumulative CVEs

8

Monthly snapshots

#12

Peak rank

Top products

web server creator web portal3

Latest CVEs

The 15 most recently published vulnerabilities affecting comscripts.

CVE-2010-1115Directory traversal vulnerability in news/include/customize.php in Web Server Creator - Web Portal 0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the l parameter.5.0Mar 25, 2010
CVE-2010-1113Cross-site scripting (XSS) vulnerability in the forum page in Web Server Creator - Web Portal 0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to index.php.4.3Mar 25, 2010
CVE-2010-1114Multiple PHP remote file inclusion vulnerabilities in Web Server Creator - Web Portal 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) pg parameter to index.php and the...7.5Mar 25, 2010
CVE-2008-6655Multiple cross-site scripting (XSS) vulnerabilities in GEDCOM_TO_MYSQL 2 allow remote attackers to inject arbitrary web script or HTML via the (1) nom_branche and (2) nom parameters to php/prenom.p...4.3Apr 7, 2009
CVE-2008-6543Multiple PHP remote file inclusion vulnerabilities in ComScripts TEAM Quick Classifieds 1.0 via the DOCUMENT_ROOT parameter to (1) index.php3, (2) locate.php3, (3) search_results.php3, (4) classifi...7.5Mar 30, 2009
CVE-2008-6545PHP remote file inclusion vulnerability in news/include/createdb.php in Web Server Creator Web Portal 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the langfile parameter. ...7.5Mar 30, 2009
CVE-2007-4937CS Guestbook stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the admin name and MD5 password hash via a direct request for ...5.0Sep 18, 2007
CVE-2007-1144Directory traversal vulnerability in jwpn-photos.php in J-Web Pics Navigator 2.0 allows remote attackers to list arbitrary directories via a .. (dot dot) in the dir parameter.5.0Feb 27, 2007
CVE-2007-0361PHP remote file inclusion vulnerability in mep/frame.php in PHPMyphorum 1.5a allows remote attackers to execute arbitrary PHP code via a URL in the chem parameter.7.5Jan 19, 2007
CVE-2006-4754Cross-site scripting (XSS) vulnerability in index.php in PHProg before 1.1 allows remote attackers to inject arbitrary web script or HTML via the album parameter, which is used in an opendir call. ...6.8Sep 13, 2006
CVE-2006-4753Directory traversal vulnerability in index.php in PHProg before 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter.5.0Sep 13, 2006
CVE-2006-4746PHP remote file inclusion vulnerability in news/include/customize.php in Web Server Creator 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the l parameter.7.5Sep 13, 2006
CVE-2006-4678PHP remote file inclusion vulnerability in News Evolution 3.0.3 allows remote attackers to execute arbitrary PHP code via the _NE[AbsPath] parameter in (1) install.php and (2) migrateNE2toNE3.php.7.5Sep 11, 2006
CVE-2002-2217Multiple PHP remote file inclusion vulnerabilities in Web Server Creator - Web Portal (WSC-WebPortal) 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) l parameter to cu...7.5Sep 11, 2006
CVE-2006-4622PHP remote file inclusion vulnerability in annonce.php in AnnonceV (aka annoncesV) 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.7.5Sep 7, 2006