Powerscripts : Security Vulnerabilities, CVEs, CVSS score >= 7
SQL injection vulnerability in admin/index.php in PowerClan 1.14a allows remote attackers to execute arbitrary SQL commands via the loginemail parameter (aka login field). NOTE: some of these details are obtained from third party information.
Max CVSS
7.5
EPSS Score
0.09%
Published
2009-02-23
Updated
2017-09-29
Multiple directory traversal vulnerabilities in PowerPHPBoard 1.00b allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) settings[footer] parameter to footer.inc.php and the (2) settings[header] parameter to header.inc.php.
Max CVSS
7.5
EPSS Score
4.76%
Published
2008-03-28
Updated
2018-10-11
Multiple directory traversal vulnerabilities in PowerScripts PowerNews 2.5.6 allow remote attackers to read and include arbitrary files via a .. (dot dot) in the (1) subpage parameter in (a) categories.inc.php, (b) news.inc.php, (c) other.inc.php, (d) permissions.inc.php, (e) templates.inc.php, and (f) users.inc.php in pnadmin/; and (2) the page parameter to (g) pnadmin/index.php. NOTE: vector 2 is only exploitable by administrators.
Max CVSS
7.5
EPSS Score
1.31%
Published
2008-02-13
Updated
2018-10-15
SQL injection vulnerability in member.php in PowerClan 1.14 allows remote attackers to execute arbitrary SQL commands via the memberid parameter.
Max CVSS
7.5
EPSS Score
0.93%
Published
2006-04-18
Updated
2018-10-18
PowerScripts PlusMail CGI program allows remote attackers to execute commands via a password file with improper permissions.
Max CVSS
7.5
EPSS Score
5.47%
Published
2000-01-11
Updated
2022-08-17
5 vulnerabilities found