Entertainmentscript : Security Vulnerabilities, CVEs, CVSS score >= 3
Directory traversal vulnerability in page.php in EntertainmentScript 1.4.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter.
Max CVSS
6.8
EPSS Score
1.78%
Published
2008-05-27
Updated
2017-09-29
SQL injection vulnerability in play.php in EntertainmentScript 1.4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-05-21
Updated
2017-09-29
2 vulnerabilities found