Scriptphp Annoncescripthp vulnerabilities
3 known vulnerabilities affecting scriptphp/annoncescripthp.
Total CVEs
3
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2006-6478P3HIGHCVSS 7.5PoCv2.02006-12-12
CVE-2006-6478 [HIGH] CVE-2006-6478: Multiple SQL injection vulnerabilities in AnnonceScriptHP 2.0 allow remote attackers to execute arbi
Multiple SQL injection vulnerabilities in AnnonceScriptHP 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in (a) email.php, the (2) no parameter in (b) voirannonce.php, the (3) idmembre parameter in (c) admin/admin_membre/fiche_membre.php, and the (4) idannonce parameter in (d) admin/admin_annonce/okvalannonce.php and (e) a
nvd
CVE-2006-6479P4MEDIUMCVSS 6.8PoCv2.02006-12-12
CVE-2006-6479 [MEDIUM] CVE-2006-6479: Multiple cross-site scripting (XSS) vulnerabilities in AnnonceScriptHP 2.0 allow remote attackers to
Multiple cross-site scripting (XSS) vulnerabilities in AnnonceScriptHP 2.0 allow remote attackers to inject arbitrary web script or HTML via the email parameter in (1) erreurinscription.php, (2) Templates/admin.dwt.php, (3) Templates/commun.dwt.php, (4) membre.dwt.php, and (5) admin/admin_config/Aide.php.
nvd
CVE-2006-6480P4MEDIUMCVSS 5.0v2.02006-12-12
CVE-2006-6480 [MEDIUM] CVE-2006-6480: admin/admin_membre/fiche_membre.php in AnnonceScriptHP 2.0 allows remote attackers to obtain sensiti
admin/admin_membre/fiche_membre.php in AnnonceScriptHP 2.0 allows remote attackers to obtain sensitive information via the idmembre parameter, which discloses the passwords for arbitrary users.
nvd