Actualscripts : Security Vulnerabilities, CVEs, CVSS score >= 4
Cross-site scripting (XSS) vulnerability in view.php in ActualScripts ActualAnalyzer Server 8.37 and earlier, ActualAnalyzer Gold 7.74 and earlier, ActualAnalyzer Pro 6.95 and earlier, and ActualAnalyzer Lite 2.78 and earlier allows remote attackers to inject arbitrary web script or HTML via the language parameter.
Max CVSS
4.3
EPSS Score
0.25%
Published
2008-06-03
Updated
2018-10-11
Directory traversal vulnerability in admin.php in ActualScripts ActualAnalyzer Lite 2.78 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the style parameter.
Max CVSS
7.5
EPSS Score
2.45%
Published
2008-05-05
Updated
2017-09-29
PHP remote file inclusion vulnerability in direct.php in ActualScripts ActualAnalyzer Lite 2.72 and earlier, Gold 7.63 and earlier, and Server 8.23 and earlier allows remote attackers to execute arbitrary code via a URL in the rf parameter.
Max CVSS
7.5
EPSS Score
14.96%
Published
2006-04-21
Updated
2018-10-18
3 vulnerabilities found