Show filters
6 Total Results
Displaying 1-6 of 6
Sort by:
Attacker Value
Unknown
CVE-2009-3147
Disclosure Date: September 10, 2009 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in showproduct.php in ReviewPost Pro vB3 allows remote attackers to inject arbitrary web script or HTML via the date parameter.
0
Attacker Value
Unknown
CVE-2006-4864
Disclosure Date: September 19, 2006 (last updated October 04, 2023)
PHP remote file inclusion vulnerability in index.php in All Enthusiast ReviewPost 2.5 allows remote attackers to execute arbitrary PHP code via a URL in the RP_PATH parameter.
0
Attacker Value
Unknown
CVE-2005-0272
Disclosure Date: May 02, 2005 (last updated February 22, 2025)
ReviewPost PHP Pro before 2.84 allows remote attackers to upload and execute arbitrary PHP files by posting a review file with multiple extensions, which bypasses the intended restrictions.
0
Attacker Value
Unknown
CVE-2005-0270
Disclosure Date: May 02, 2005 (last updated February 22, 2025)
Multiple cross-site scripting (XSS) vulnerabilities in ReviewPost PHP Pro before 2.84 allow remote attackers to inject arbitrary web script or HTML via the (1) si parameter to showcat.php, (2) cat or (3) page parameter to showproduct.php, or (4) report parameter to reportproduct.php.
0
Attacker Value
Unknown
CVE-2005-0271
Disclosure Date: January 03, 2005 (last updated February 22, 2025)
Multiple SQL injection vulnerabilities in ReviewPost PHP Pro before 2.84 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to showcat.php or (2) product parameter to addfav.php.
0
Attacker Value
Unknown
CVE-2004-2175
Disclosure Date: December 31, 2004 (last updated February 22, 2025)
Multiple SQL injection vulnerabilities in ReviewPost PHP Pro allow remote attackers to execute arbitrary SQL commands via the (1) product parameter to showproduct.php or (2) cat parameter to showcat.php.
0
