Aggregates CVE and security vulnerability intelligence across all scriptsez-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk cross-site scripting, vendor risk path handling, vendor risk csrf, and vendor risk sql injection and related problems; some flaws may lead to vendor impact session compromise.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2007-0517 | Scriptsez Random PHP Quote 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password information via a direct request for pwd.txt. | [email protected] | 7.5 | 1.40% | 2007-01-25 | 2026-06-16 |
| CVE-2006-3004 | Multiple cross-site scripting (XSS) vulnerabilities in Ez Ringtone Manager allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter in player.php and (2) keyword parameter when performing a search. | [email protected] | 4.3 | 1.54% | 2006-06-12 | 2026-06-16 |
| CVE-2006-2232 | Cross-site scripting (XSS) vulnerability in Scriptsez Cute Guestbook 20060211 allows remote attackers to inject arbitrary web script or HTML via the Comments field when signing the guestbook. | [email protected] | 4.3 | 1.23% | 2006-05-05 | 2026-06-16 |