← Back

Iscripts

iscripts

29 CVEs • 14 products

Products (14)

Click to collapse
Toggle
Eswap
eswap
9 CVEs
Socialware
socialware
3 CVEs
Multicart
multicart
2 CVEs
Autohoster
autohoster
2 CVEs
Easycreate
easycreate
2 CVEs
Supportdesk
supportdesk
2 CVEs
Uberforx
uberforx
2 CVEs
Easyindex
easyindex
1 CVE
Easysnaps
easysnaps
1 CVE
Visualcaster
visualcaster
1 CVE
Reservelogic
reservelogic
1 CVE
Cybermatch
cybermatch
1 CVE
Easybiller
easybiller
1 CVE
Sonicbb
sonicbb
1 CVE

CVEs (29)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2010-4980
1Iscripts
1Reservelogic
Apr 29, 2026
Nov 1, 2011
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in packagedetails.php in iScripts ReserveLogic 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter.
CVE-2010-2853
1Iscripts
1Visualcaster
Apr 29, 2026
Jul 25, 2010
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in flashPlayer/playVideo.php in iScripts VisualCaster allows remote attackers to execute arbitrary SQL commands via the product_id parameter.
CVE-2010-2624
1Iscripts
1Easysnaps
Apr 29, 2026
Jul 2, 2010
N/A· v4
N/A· v3
7.5 HIGH· v2
Multiple SQL injection vulnerabilities in iScripts EasySnaps 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) comment parameter to add_comments.php, (2) values parameter to tags_details.php, or (3...Show more
Multiple SQL injection vulnerabilities in iScripts EasySnaps 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) comment parameter to add_comments.php, (2) values parameter to tags_details.php, or (3) begin parameter to greetings.php.Show less
CVE-2008-4169
1Iscripts
1Easyindex
Apr 23, 2026
Sep 22, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in detaillist.php in iScripts EasyIndex, possibly 1.0, allows remote attackers to execute arbitrary SQL commands via the produid parameter.
CVE-2008-1859
1Iscripts
1Socialware
Apr 23, 2026
Apr 16, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in events.php in iScripts SocialWare allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action.
CVE-2008-1790
1Iscripts
1Socialware
Apr 23, 2026
Apr 15, 2008
N/A· v4
N/A· v3
6.5 MEDIUM· v2
Unrestricted file upload vulnerability in iScripts SocialWare allows remote authenticated administrators to upload arbitrary files via a crafted logo file in the "Manage Settings" functionality. NOTE: remote exploitatio...Show more
Unrestricted file upload vulnerability in iScripts SocialWare allows remote authenticated administrators to upload arbitrary files via a crafted logo file in the "Manage Settings" functionality. NOTE: remote exploitation is facilitated by a separate SQL injection vulnerability.Show less
CVE-2008-1772
1Iscripts
1Socialware
Apr 23, 2026
Apr 14, 2008
N/A· v4
N/A· v3
5.0 MEDIUM· v2
iScripts SocialWare stores passwords in cleartext in a database, which allows context-dependent attackers to obtain sensitive information.
CVE-2008-0911
1Iscripts
1Multicart
Apr 23, 2026
Feb 22, 2008
N/A· v4
N/A· v3
6.5 MEDIUM· v2
SQL injection vulnerability in productdetails.php in iScripts MultiCart 2.0 allows remote authenticated users to execute arbitrary SQL commands via the productid parameter.
CVE-2007-5261
1Iscripts
1Multicart
Apr 23, 2026
Oct 6, 2007
N/A· v4
N/A· v3
6.4 MEDIUM· v2
Multiple SQL injection vulnerabilities in MultiCart 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) catid parameter to categorydetail.php and the (2) ddlCategory parameter to search.php.