Multiple direct static code injection vulnerabilities in savesettings.php in ShoutLIVE 1.1.0 allow remote attackers to execute arbitrary PHP code via variables that are written to settings.php.
7.9AI Score
0.151EPSS
Multiple cross-site scripting (XSS) vulnerabilities in post.php in ShoutLIVE 1.1.0 allow remote attackers to inject arbitrary web script or HTML via certain variables when posting new messages.
5.8AI Score
0.009EPSS
Cross-site scripting (XSS) vulnerability in global.php in ShoutBOOK 1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) NAME and (2) COMMENTS parameters.
5.7AI Score
0.006EPSS
Cross-site scripting (XSS) vulnerability in global.php in ShoutBOOK 1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) LOCATION and (2) URL parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
5.6AI Score
0.003EPSS