SQL injection vulnerability in Spooky Login 2.0 through 2.5 allows remote attackers to bypass authentication and gain privileges via the password field.
8.7AI Score
0.005EPSS
Multiple SQL injection vulnerabilities in Outfront Spooky Login 2.7 allow remote attackers to execute arbitrary SQL commands via (1) the UserUpdate parameter to login/register.asp or (2) unspecified parameters to includes/a_register.asp.
8.9AI Score
0.002EPSS
Multiple cross-site scripting (XSS) vulnerabilities in Outfront Spooky Login 2.7 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) login/login.asp or (2) login/register.asp.
6AI Score
0.005EPSS