24 matches found
EUVD-2017-8927
Malware in sbrugna...
EUVD-2017-8809
Malware in sbrugna...
EUVD-2017-8929
Malware in sbrugna...
EUVD-2017-8930
Malware in sbrugna...
CVE-2017-17779
Paid To Read Script 2.0.5 has SQL injection via the referrals.php id parameter...
CVE-2017-17779
Paid To Read Script 2.0.5 has SQL injection via the referrals.php id parameter...
Authentication flaw
Paid To Read Script 2.0.5 has authentication bypass in the admin panel via a direct request, as demonstrated by the admin/viewvisitcamp.php fn parameter and the admin/userview.php uid parameter...
CVE-2017-17778
Paid To Read Script 2.0.5 has XSS via the referrals.php tier parameter or the admin/userview.php uid parameter...
CVE-2017-17776
Paid To Read Script 2.0.5 has full path disclosure via an invalid admin/userview.php uid parameter...
Path traversal
Paid To Read Script 2.0.5 has full path disclosure via an invalid admin/userview.php uid parameter...
CVE-2017-17777
Paid To Read Script 2.0.5 has authentication bypass in the admin panel via a direct request, as demonstrated by the admin/viewvisitcamp.php fn parameter and the admin/userview.php uid parameter...
CVE-2017-17776
Paid To Read Script 2.0.5 has full path disclosure via an invalid admin/userview.php uid parameter...
CVE-2017-17778
Paid To Read Script 2.0.5 has XSS via the referrals.php tier parameter or the admin/userview.php uid parameter...
CVE-2017-17777
Paid To Read Script 2.0.5 has authentication bypass in the admin panel via a direct request, as demonstrated by the admin/viewvisitcamp.php fn parameter and the admin/userview.php uid parameter...
CVE-2017-17778
Paid To Read Script 2.0.5 has XSS via the referrals.php tier parameter or the admin/userview.php uid parameter...
CVE-2017-17779
CVE-2017-17779 corresponds to Paid To Read Script 2.0.5, where an SQL injection is exposed through the referrals.php id parameter. Per the available references, the issue affects the Paid To Read Script 2.0.5 and is reported as an SQL injection vulnerability. The CVSS data indicates a high-severi...
CVE-2017-17776
Paid To Read Script 2.0.5 has full path disclosure via an invalid admin/userview.php uid parameter...
CVE-2017-17778
Paid To Read Script 2.0.5 contains a cross-site scripting (XSS) vulnerability exploitable via the referrals.php tier parameter or the admin/userview.php uid parameter. The CVE entry is supported by multiple connected records (NVD and CNVD variants) stating the same vectors. The exact root cause a...
CVE-2017-17776
Paid To Read Script 2.0.5 has a vulnerability that allows full path disclosure through an invalid admin/userview.php uid parameter. The CVE entry notes a information disclosure risk (confidentiality impact) with a CVSS v2 base score 5.0 and CVSS v3 base score 5.3. Connected sources corroborate th...
CVE-2017-17777
Paid To Read Script 2.0.5 contains an authentication bypass in the admin panel that can be triggered by direct requests. The vulnerability is demonstrated by the admin/viewvisitcamp.php fn parameter and the admin/userview.php uid parameter, enabling bypass of login/auth checks and potential unaut...