Lucene search

Availscript Article Script Security Vulnerabilities

cve

CVE-2008-4371

SQL injection vulnerability in articles.php in AvailScript Article Script allows remote attackers to execute arbitrary SQL commands via the aIDS parameter.

8.4AI Score

0.002EPSS

2008-10-01 03:38 PM

cve

CVE-2008-4372

Cross-site scripting (XSS) vulnerability in articles.php in AvailScript Article Script allows remote attackers to inject arbitrary web script or HTML via the aIDS parameter.

5.7AI Score

0.004EPSS

2008-10-01 03:38 PM

cve

CVE-2008-6037

SQL injection vulnerability in view.php in AvailScript Article Script allows remote attackers to execute arbitrary SQL commands via the v parameter.

8.7AI Score

0.001EPSS

2009-02-03 11:30 AM

cve

CVE-2008-6900

Unrestricted file upload vulnerability in "Add Pen/Author Name" feature in addpen.php in AvailScript Article Script allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in photos/.

7.5AI Score

0.007EPSS

2009-08-06 12:30 AM