Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-2141 | 1 Shoutpro | 1 Shoutpro | 2018-10-16 | 7.5 HIGH | N/A |
Direct static code injection vulnerability in shoutbox.php in ShoutPro 1.5.2 allows remote attackers to inject arbitrary PHP code into shouts.php via the shout parameter. | |||||
CVE-2006-7047 | 1 Shoutpro | 1 Shoutpro | 2018-10-16 | 5.0 MEDIUM | N/A |
include.php in Shoutpro 1.0 might allow remote attackers to bypass IP ban restrictions via a URL in the path parameter that points to an alternate bannedips.php file. NOTE: this issue was originally reported as remote file inclusion, but CVE analysis suggests that this cannot be used for code execution. |