Lucene search

Post Affiliate Pro Security Vulnerabilities

cve

CVE-2023-38482

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in QualityUnit Post Affiliate Pro plugin <= 1.25.0...

5.9CVSS

4.8AI Score

0.0004EPSS

2023-09-03 12:15 PM

cve

CVE-2012-3802

Unspecified vulnerability in the Post Affiliate Pro (PAP) module for Drupal allows remote authenticated users to read the commissions of other users via unknown attack...

6.3AI Score

0.002EPSS

2012-06-27 06:55 PM

cve

CVE-2012-2706

Cross-site scripting (XSS) vulnerability in the Post Affiliate Pro (PAP) module for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors related to user...

5.8AI Score

0.002EPSS

2012-06-27 12:55 AM

cve

CVE-2008-5630

SQL injection vulnerability in merchants/index.php in Post Affiliate Pro 3 and 3.1.4 allows remote attackers to execute arbitrary SQL commands via the umprof_status...

8.4AI Score

0.005EPSS

2008-12-17 05:30 PM

cve

CVE-2008-4602

Directory traversal vulnerability in index.php in Post Affiliate Pro 2.0 allows remote authenticated users to read and possibly execute arbitrary local files via a .. (dot dot) in the md...

6.7AI Score

0.011EPSS

2008-10-18 12:18 AM

cve

CVE-2005-3910

merchants/index.php in Post Affiliate Pro 2.0.4 and earlier, with magic_quotes_gpc disabled, allows remote attackers to include arbitrary local files via the md parameter, possibly due to a directory traversal...

7.2AI Score

0.002EPSS

2005-11-30 11:03 AM

cve

CVE-2005-3909

SQL injection vulnerability in merchants/index.php in Post Affiliate Pro 2.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the sortorder...

8.8AI Score

0.008EPSS

2005-11-30 11:03 AM