← Back

Stadtaus

stadtaus

5 CVEs • 4 products

Products (4)

Click to collapse
Toggle
Guestbook Script
guestbook_script
2 CVEs
Download Center Lite
download_center_lite
1 CVE
Form Mail Script
form_mail_script
1 CVE
Tell A Friend Script
tell_a_friend_script
1 CVE

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2008-6602
1Stadtaus
1Download Center Lite
Apr 23, 2026
Apr 3, 2009
N/A· v4
N/A· v3
10.0 HIGH· v2
Unspecified vulnerability in Download Center Lite before 2.1 has unknown impact and attack vectors related to "A minor security fix."
CVE-2007-4290
1Stadtaus
1Guestbook Script
Apr 23, 2026
Aug 9, 2007
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Multiple PHP remote file inclusion vulnerabilities in Guestbook Script 1.9 allow remote attackers to execute arbitrary PHP code via a URL in the script_root parameter to (1) delete.php, (2) edit.php, or (3) inc/common.in...Show more
Multiple PHP remote file inclusion vulnerabilities in Guestbook Script 1.9 allow remote attackers to execute arbitrary PHP code via a URL in the script_root parameter to (1) delete.php, (2) edit.php, or (3) inc/common.inc.php; or (4) database.php, (5) entries.php, (6) index.php, (7) logout.php, or (8) settings.php in admin/. NOTE: a third party disputes this vulnerability, noting that these scripts defend against direct requestsShow less
CVE-2006-2158
1Stadtaus
1Guestbook Script
Apr 16, 2026
May 3, 2006
N/A· v4
N/A· v3
6.4 MEDIUM· v2
Dynamic variable evaluation vulnerability in index.php in Stadtaus Guestbook Script 1.7 and earlier, when register_globals is enabled, allows remote attackers to modify arbitrary program variables via parameters, which a...Show more
Dynamic variable evaluation vulnerability in index.php in Stadtaus Guestbook Script 1.7 and earlier, when register_globals is enabled, allows remote attackers to modify arbitrary program variables via parameters, which are evaluated as PHP variable variables, as demonstrated by performing PHP remote file inclusion using the include_files array parameter.Show less
CVE-2005-0679
1Stadtaus
1Tell A Friend Script
Apr 16, 2026
May 2, 2005
N/A· v4
N/A· v3
7.5 HIGH· v2
PHP remote file inclusion vulnerability in tell_a_friend.inc.php for Tell A Friend Script 2.7 before 20050305 allows remote attackers to execute arbitrary PHP code by modifying the script_root parameter to reference a UR...Show more
PHP remote file inclusion vulnerability in tell_a_friend.inc.php for Tell A Friend Script 2.7 before 20050305 allows remote attackers to execute arbitrary PHP code by modifying the script_root parameter to reference a URL on a remote web server that contains the code. NOTE: it was later reported that 2.4 is also affected.Show less
CVE-2005-0678
1Stadtaus
1Form Mail Script
Apr 16, 2026
May 2, 2005
N/A· v4
N/A· v3
7.5 HIGH· v2
PHP remote file inclusion vulnerability in formmail.inc.php for Form Mail Script 2.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the script_root to reference a URL on a remote web serve...Show more
PHP remote file inclusion vulnerability in formmail.inc.php for Form Mail Script 2.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the script_root to reference a URL on a remote web server that contains the code.Show less