The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-transfer...
6.1CVSS
6.1AI Score
0.001EPSS
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-transfer...
7.5CVSS
7.5AI Score
0.007EPSS
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-tools...
6.1CVSS
6.1AI Score
0.001EPSS
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-information...
7.5CVSS
7.5AI Score
0.007EPSS
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-about...
6.1CVSS
6.1AI Score
0.001EPSS
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-tools...
7.5CVSS
7.5AI Score
0.007EPSS
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-information...
6.1CVSS
6.1AI Score
0.001EPSS
6.1CVSS
5.8AI Score
0.001EPSS
SQL injection vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified...
8.7AI Score
0.001EPSS
Cross-site scripting (XSS) vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified...
5.9AI Score
0.002EPSS
SQL injection vulnerability in the Content Rating extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified...
8.7AI Score
0.001EPSS
Cross-site scripting (XSS) vulnerability in the Content Rating extension 1.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified...
5.9AI Score
0.002EPSS
SQL injection vulnerability in the GD Star Rating plugin 19.22 for WordPress allows remote administrators to execute arbitrary SQL commands via the s parameter in the gd-star-rating-stats page to...
8.7AI Score
0.001EPSS
Multiple cross-site request forgery (CSRF) vulnerabilities in the GD Star Rating plugin 19.22 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct (1) SQL injection attacks via the s parameter in the gd-star-rating-stats page to...
7.8AI Score
0.001EPSS
The s-peek credit rating report (aka com.rhomobile.speek) application 2.1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted...
6AI Score
0.0005EPSS
Cross-site scripting (XSS) vulnerability in wu-ratepost.php in the Wu-Rating plugin 1.0 12319 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the v...
6AI Score
0.001EPSS
Multiple cross-site scripting (XSS) vulnerabilities in YourFreeWorld Programs Rating Script allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) rate.php and (2)...
5.9AI Score
0.006EPSS
SQL injection vulnerability in details.php in YourFreeWorld Programs Rating Script allows remote attackers to execute arbitrary SQL commands via the id...
8.4AI Score
0.002EPSS
SQL injection vulnerability in detail.php in Feedback and Rating Script 1.0 allows remote attackers to execute arbitrary SQL commands via the listingid...
8.4AI Score
0.001EPSS
SQL injection vulnerability in index.php in Pictures Rating (Picture Rating) allows remote attackers to execute arbitrary SQL commands via the msgid...
8.4AI Score
0.002EPSS
CRLF injection vulnerability in db.php in Unobtrusive Ajax Star Rating Bar before 1.2.0 allows remote attackers to inject arbitrary HTTP headers and data via CRLF sequences in the HTTP_REFERER...
7AI Score
0.019EPSS
Multiple SQL injection vulnerabilities in Unobtrusive Ajax Star Rating Bar before 1.2.0 allow remote attackers to execute arbitrary SQL commands via the (1) q and (2) t parameters in (a) db.php and (b)...
8.5AI Score
0.006EPSS
Cross-site scripting (XSS) vulnerability in rpc.php in Unobtrusive Ajax Star Rating Bar before 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the q...
5.7AI Score
0.009EPSS
SQL injection vulnerability in viewcomments.php in ScriptMagix Photo Rating 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the phid...
8.4AI Score
0.009EPSS
Multiple SQL injection vulnerabilities in addrating.php in HIOX Star Rating System Script (HSRS) 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ipadd or (2) url parameter. NOTE: The provenance of this information is unknown; the details are obtained solely...
8.6AI Score
0.001EPSS
PHP remote file inclusion vulnerability in addcode.php in HIOX Star Rating System Script (HSRS) 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the hm...
7.9AI Score
0.153EPSS
Cross-site scripting (XSS) vulnerability in auth/message.php in HIOX Star Rating System Script (HSRS) 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string (PHP_SELF). NOTE: The provenance of this information is unknown; the details are obtained...
5.8AI Score
0.002EPSS