cbcvebase.

Paid To Read Script Project Paid To Read Script vulnerabilities

5 known vulnerabilities affecting paid_to_read_script_project/paid_to_read_script.

Total CVEs
5
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL3MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2017-17651P3CRITICALCVSS 9.8PoCv2.0.52017-12-18
CVE-2017-17651 [CRITICAL] CWE-89 CVE-2017-17651: Paid To Read Script 2.0.5 has SQL Injection via the admin/userview.php uid parameter, the admin/view Paid To Read Script 2.0.5 has SQL Injection via the admin/userview.php uid parameter, the admin/viewemcamp.php fnum parameter, or the admin/viewvisitcamp.php fn parameter.
nvd
CVE-2017-17777P3CRITICALCVSS 9.8v2.0.52017-12-20
CVE-2017-17777 [CRITICAL] CWE-287 CVE-2017-17777: Paid To Read Script 2.0.5 has authentication bypass in the admin panel via a direct request, as demo Paid To Read Script 2.0.5 has authentication bypass in the admin panel via a direct request, as demonstrated by the admin/viewvisitcamp.php fn parameter and the admin/userview.php uid parameter.
nvd
CVE-2017-17779P3CRITICALCVSS 9.8v2.0.52017-12-20
CVE-2017-17779 [CRITICAL] CWE-89 CVE-2017-17779: Paid To Read Script 2.0.5 has SQL injection via the referrals.php id parameter. Paid To Read Script 2.0.5 has SQL injection via the referrals.php id parameter.
nvd
CVE-2017-17776P4MEDIUMCVSS 5.3v2.0.52017-12-20
CVE-2017-17776 [MEDIUM] CWE-200 CVE-2017-17776: Paid To Read Script 2.0.5 has full path disclosure via an invalid admin/userview.php uid parameter. Paid To Read Script 2.0.5 has full path disclosure via an invalid admin/userview.php uid parameter.
nvd
CVE-2017-17778P4MEDIUMCVSS 4.8v2.0.52017-12-20
CVE-2017-17778 [MEDIUM] CWE-79 CVE-2017-17778: Paid To Read Script 2.0.5 has XSS via the referrals.php tier parameter or the admin/userview.php uid Paid To Read Script 2.0.5 has XSS via the referrals.php tier parameter or the admin/userview.php uid parameter.
nvd
Paid To Read Script Project Paid To Read Script vulnerabilities | cvebase