彙總 scriptsez.net 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
常見弱點模式包括 跨站腳本,在 生產負載與軟體部署 使用場景中可能帶來 工作階段劫持 等風險。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2006-7061 | Scriptsez.net E-Dating System stores data files with predictable names under the web document root with insufficient access control, which allows remote attackers to read private messages and leverage them for cross-site scripting (XSS) attacks. | [email protected] | 9.3 | 0.88% | 2007-02-24 | 2026-04-23 |
| CVE-2006-7060 | cindex.php in Scriptsez.net E-Dating System allows remote attackers to obtain the full path via an invalid id parameter in a dologin action, which leaks the path in an error message. | [email protected] | 5.0 | 0.46% | 2007-02-24 | 2026-04-23 |
| CVE-2006-7059 | Multiple cross-site scripting (XSS) vulnerabilities in Scriptsez.net E-Dating System allow remote attackers to inject arbitrary web script or HTML via encoded entities (') in IMG tags to (1) messages, (2) profile fields, or (3) the id parameter in a dologin operation to cindex.php. | [email protected] | 4.3 | 0.52% | 2007-02-24 | 2026-04-23 |
| CVE-2007-0952 | Multiple cross-site scripting (XSS) vulnerabilities in Scriptsez.net Virtual Calendar allow remote attackers to inject arbitrary web script or HTML via the (1) t and (2) yr parameters, and the (3) sho parameter when the m parameter is outside the intended range. | [email protected] | 6.8 | 0.97% | 2007-02-15 | 2026-04-23 |