Vulnerabilities (CVE)

Filtered by vendor Vscripts Subscribe
Filtered by product Vbook
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-1563 1 Vscripts 1 Vbook 2024-11-21 7.6 HIGH N/A
Direct static code injection vulnerability in config.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allows remote administrators to execute arbitrary PHP code into the config file, which is included other [V]Book scripts.
CVE-2006-1562 1 Vscripts 1 Vbook 2024-11-21 6.8 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) autor, (2) www, (3) temat, and (4) tresc parameters.
CVE-2006-1561 1 Vscripts 1 Vbook 2024-11-21 5.1 MEDIUM N/A
SQL injection vulnerability in index.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allows remote attackers to execute arbitrary SQL commands via the x parameter.