Aggregates CVE and security vulnerability intelligence across all yourfreeworld-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk sql injection and vendor risk cross-site scripting and related problems; some flaws may lead to vendor impact data exposure, affecting vendor surface software deployment scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2008-3751 | SQL injection vulnerability in tr.php in YourFreeWorld Short Url & Url Tracker Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | [email protected] | 7.5 | 1.34% | 2008-08-21 | 2026-06-16 |
| CVE-2008-3750 | SQL injection vulnerability in tr.php in YourFreeWorld URL Rotator Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | [email protected] | 7.5 | 1.02% | 2008-08-21 | 2026-06-16 |
| CVE-2008-3749 | SQL injection vulnerability in tr.php in YourFreeWorld Banner Management Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | [email protected] | 7.5 | 1.19% | 2008-08-21 | 2026-06-16 |
| CVE-2008-3725 | SQL injection vulnerability in trr.php in YourFreeWorld Ad Board Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | [email protected] | 7.5 | 1.02% | 2008-08-20 | 2026-06-16 |
| CVE-2008-2065 | SQL injection vulnerability in jokes.php in YourFreeWorld Jokes Site Script allows remote attackers to execute arbitrary SQL commands via the catagorie parameter. | [email protected] | 7.5 | 0.97% | 2008-05-02 | 2026-06-16 |
| CVE-2008-1919 | SQL injection vulnerability in listtest.php in YourFreeWorld Apartment Search Script allows remote attackers to execute arbitrary SQL commands via the r parameter. | [email protected] | 7.5 | 2.00% | 2008-04-23 | 2026-06-16 |
| CVE-2006-6461 | tr1.php in Yourfreeworld Stylish Text Ads Script allows remote attackers to obtain the installation path via an invalid id parameter, which leaks the path in an error message. NOTE: this issue might be resultant from CVE-2006-2508. | [email protected] | 7.8 | 1.50% | 2006-12-11 | 2026-06-16 |
| CVE-2006-2510 | Cross-site scripting (XSS) vulnerability in the URL submission form in YourFreeWorld.com Short Url & Url Tracker Script allows remote attackers to inject arbitrary web script or HTML via an unspecified form for submitting URLs. | [email protected] | 6.8 | 1.27% | 2006-05-22 | 2026-06-16 |
| CVE-2006-2509 | SQL injection vulnerability in login.php in YourFreeWorld.com Short Url & Url Tracker Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | [email protected] | 7.5 | 1.09% | 2006-05-22 | 2026-06-16 |
| CVE-2006-2508 | SQL injection vulnerability in tr1.php in YourFreeWorld.com Stylish Text Ads Script allows remote attackers to execute arbitrary SQL commands via the id parameter, possibly involving an attack vector using advertise.php. | [email protected] | 6.4 | 2.58% | 2006-05-22 | 2026-06-16 |