6rbscript : Security Vulnerabilities, CVEs, CVSS score >= 4
SQL injection vulnerability in section.php in 6rbScript 3.3 allows remote attackers to execute arbitrary SQL commands via the singerid parameter in a singers action.
Max CVSS
7.5
EPSS Score
0.06%
Published
2009-03-13
Updated
2017-09-29
Directory traversal vulnerability in section.php in 6rbScript 3.3, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter.
Max CVSS
4.3
EPSS Score
1.02%
Published
2009-03-13
Updated
2017-09-29
SQL injection vulnerability in cat.php in 6rbScript allows remote attackers to execute arbitrary SQL commands via the CatID parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-09-30
Updated
2017-08-08
3 vulnerabilities found