Vulnerabilities (CVE)

Filtered by vendor Phpadultsite Subscribe
Filtered by product Phpadultsite Cms
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-6979 1 Phpadultsite 1 Phpadultsite Cms 2024-02-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in as_archives.php in phpAdultSite CMS, possibly 2.3.2, allows remote attackers to inject arbitrary web script or HTML via the results_per_page parameter to index.php. NOTE: some of these details are obtained from third party information. NOTE: this issue might be resultant from a separate SQL injection vulnerability.
CVE-2008-6980 1 Phpadultsite 1 Phpadultsite Cms 2024-02-28 7.5 HIGH N/A
SQL injection vulnerability in as_archives.php in phpAdultSite CMS, possibly 2.3.2, allows remote attackers to execute arbitrary SQL commands via the results_per_page parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2008-6981 1 Phpadultsite 1 Phpadultsite Cms 2024-02-28 5.0 MEDIUM N/A
index.php in phpAdultSite CMS, possibly 2.3.2, allows remote attackers to obtain the full installation path via an invalid results_per_page parameter, which leaks the path in an error message. NOTE: this issue might be resultant from a separate SQL injection vulnerability.