availscript availscript_article_script CVE Vulnerabilities (4) — All product CPE matches

CVEs: 4 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities for availscript availscript_article_script from every vulnerable NVD CPE match row for this product, including cases where the versions table cannot show finer version attributes.

CVE	Summary	Source	Max CVSS	EPSS %	Published	Updated
CVE-2008-6900	Unrestricted file upload vulnerability in "Add Pen/Author Name" feature in addpen.php in AvailScript Article Script allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in photos/.	[email protected]	6.5	6.80%	2009-08-06	2026-04-23
CVE-2008-6037	SQL injection vulnerability in view.php in AvailScript Article Script allows remote attackers to execute arbitrary SQL commands via the v parameter.	[email protected]	7.5	0.41%	2009-02-03	2026-04-23
CVE-2008-4372	Cross-site scripting (XSS) vulnerability in articles.php in AvailScript Article Script allows remote attackers to inject arbitrary web script or HTML via the aIDS parameter.	[email protected]	4.3	3.29%	2008-10-01	2026-04-23
CVE-2008-4371	SQL injection vulnerability in articles.php in AvailScript Article Script allows remote attackers to execute arbitrary SQL commands via the aIDS parameter.	[email protected]	7.5	0.39%	2008-10-01	2026-04-23

cvelogic Threat Intelligence