CVE-2010-0367

CVE-2010-0367 describes multiple PHP remote file inclusion vulnerabilities in BitScripts Bits Video Script 2.05 Gold Beta (and possibly 2.04). The issue is exploitable via a crafted URL that injects a value into the rowptem[template] parameter sent to showcasesearch.php and showcase2search.php, a...

CVE-2010-0365

CVE-2010-0365 concerns a stored/reflected cross-site scripting (XSS) vulnerability in the BitScripts Bits Video Script, specifically affecting the search.php endpoint in versions 2.04 and 2.05 Gold Beta. The underlying issue is that user-supplied input in the order parameter can be interpreted as...

CVE-2010-0366

CVE-2010-0366 affects BitScripts Bits Video Script (versions 2.04 and 2.05 Gold Beta). The vulnerability lies in two upload components, namely register.php and addvideo.php , where an unrestricted file upload can let an attacker place an executable file in the server and access it via a direct re...