Direct static code injection vulnerability in config.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allows remote administrators to execute arbitrary PHP code into the config file, which is included other [V]Book scripts.
Max CVSS
7.6
EPSS Score
0.64%
Published
2006-03-31
Updated
2018-10-18
Multiple cross-site scripting (XSS) vulnerabilities in index.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) autor, (2) www, (3) temat, and (4) tresc parameters.
Max CVSS
6.8
EPSS Score
2.68%
Published
2006-03-31
Updated
2018-10-18
SQL injection vulnerability in index.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allows remote attackers to execute arbitrary SQL commands via the x parameter.
Max CVSS
5.1
EPSS Score
0.92%
Published
2006-03-31
Updated
2018-10-18
3 vulnerabilities found