Advanced Comment System Security Vulnerabilities and Issues — Advanced Comment System CVE List

Lucene search

Advanced Comment System ProjectAdvanced Comment System

3 matches found

CVE•added 2018/11/29 10:29 p.m.•91 views

CVE-2018-18619

internal/advanced_comment_system/admin.php in Advanced Comment System 1.0 is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query, allowing remote attackers to execute the sqli attack via a URL in the "page" parameter. ...

9.8CVSS9.7AI score0.03493EPSS

CVE•added 2020/12/23 7:15 p.m.•89 views

CVE-2020-35598

ACS Advanced Comment System 1.0 is affected by Directory Traversal via an advanced_component_system/index.php?ACS_path=..%2f URI. NOTE: this might be the same as CVE-2009-4623

7.5CVSS7.4AI score0.74425EPSS

CVE•added 2019/03/21 4:0 p.m.•44 views

CVE-2018-18845

internal/advanced_comment_system/index.php and internal/advanced_comment_system/admin.php in Advanced Comment System, version 1.0, contain a reflected cross-site scripting vulnerability via ACS_path. A remote unauthenticated attacker could potentially exploit this vulnerability to supply malicious ...

6.1CVSS6AI score0.00986EPSS