MidnightBSD

Advisories for scriptsfeed

CVE-2010-1092 HIGH

Multiple SQL injection vulnerabilities in login.php in ScriptsFeed Business Directory Software allow remote attackers to execute arbitrary SQL commands via the (1) us and (2) ps parameters.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
scriptsfeed business_directory_software *
CVE-2010-1096 HIGH

Multiple SQL injection vulnerabilities in searchmatch.php in ScriptsFeed Dating Software allow remote attackers to execute arbitrary SQL commands via the (1) txtgender and (2) txtlookgender parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
scriptsfeed dating_software *
CVE-2010-2905 HIGH

SQL injection vulnerability in info.php in ScriptsFeed and BrotherScripts (BS) Scripts Directory allows remote attackers to execute arbitrary SQL commands via the id parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
scriptsfeed scripts_directory *
brotherscripts scripts_directory *
CVE-2010-2906 HIGH

SQL injection vulnerability in articlesdetails.php in ScriptsFeed and BrotherScripts (BS) Scripts Directory allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2010-2905.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
scriptsfeed scripts_directory *
brotherscripts scripts_directory *
CVE-2010-5039 HIGH

SQL injection vulnerability in control/admin_login.php in ScriptsFeed Recipes Listing Portal 1.0 allows remote attackers to execute arbitrary SQL commands via the loginid parameter (aka the UserName field). NOTE: some of these details are obtained from third party information.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
scriptsfeed recipes_listing_portal 1.0