CVE-2009-4692

CVE-2009-4692 describes a Cross-site Scripting (XSS) vulnerability in RadScripts RadLance Gold 7.5, specifically in index.php where the pr parameter in a ulist action can be exploited to inject arbitrary script or HTML. The vulnerability is tied to a flaw in how user-supplied data is handled in t...

CVE-2009-4694

RadScripts RadLance Gold 7.5 is affected by CVE-2009-4694: an XSS vulnerability in index.php via the fid parameter in a view_forum action. The vulnerability permits remote script/HTML injection, potentially impacting user sessions. According to NVD, the CVSS2 base score is 4.3 (Medium) with vecto...

CVE-2006-2404

CVE-2006-2404 is a directory-traversal vulnerability in the RadScripts RadLance Gold 7.0 package, specifically in popup.php. The underlying issue allows an unauthenticated attacker to read arbitrary files by providing a ".." sequence in the read parameter, enabling unauthorized access to local fi...

CVE-2009-4695

The CVE-2009-4695 entry describes a SQL injection in RadScripts RadLance Gold 7.5, affecting index.php via the fid parameter in a view_forum action. The underlying issue is a parameter-based SQL command execution vulnerability that could allow remote attackers to alter or read data. The connected...