Iscripts Autohoster vulnerabilities
2 known vulnerabilities affecting iscripts/autohoster.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2013-7189P3HIGHCVSS 7.5PoCv2.42013-12-20
CVE-2013-7189 [HIGH] CWE-89 CVE-2013-7189: Multiple SQL injection vulnerabilities in iScripts AutoHoster, possibly 2.4, allow remote attackers
Multiple SQL injection vulnerabilities in iScripts AutoHoster, possibly 2.4, allow remote attackers to execute arbitrary SQL commands via the cmbdomain parameter to (1) checktransferstatus.php, (2) checktransferstatusbck.php, or (3) additionalsettings.php; or (4) invno parameter to payinvoiceothers.php.
nvd
CVE-2013-7190P3MEDIUMCVSS 5.0PoCv2.42013-12-20
CVE-2013-7190 [MEDIUM] CWE-22 CVE-2013-7190: Multiple directory traversal vulnerabilities in iScripts AutoHoster, possibly 2.4, allow remote atta
Multiple directory traversal vulnerabilities in iScripts AutoHoster, possibly 2.4, allow remote attackers to read arbitrary files via the (1) tmpid parameter to websitebuilder/showtemplateimage.php, (2) fname parameter to admin/downloadfile.php, or (3) id parameter to support/admin/csvdownload.php; or (4) have an unspecified impact via unspecified vect
nvd