Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
PhpscriptsnowRiddles

2 matches found

CVE
CVEadded 2009/08/20 5:0 p.m.53 views

CVE-2009-2891

CVE-2009-2891 describes an SQL injection in list.php of PHP Scripts Now Riddles, exploitable via the catid parameter. The underlying issue is improper handling of user-supplied input, enabling remote attackers to execute arbitrary SQL commands. Affected component: list.php within the PHP Scripts ...

7.5CVSS8.8AI score0.00169EPSS
CVE
CVEadded 2009/08/20 5:0 p.m.42 views

CVE-2009-2890

CVE-2009-2890 affects the web app PHP Scripts Now Riddles, with a vulnerability in results.php where the searchquery parameter allows remote injection of arbitrary web script or HTML (reflected XSS). Root cause: lack of proper input sanitization on the searchquery parameter. Impact: enables injec...

4.3CVSS5.9AI score0.01585EPSS