Idevspot Nixieaffiliate — known CVE vulnerabilities
Every CVE whose affected-product data names Idevspot Nixieaffiliate, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2006-4895 — CVSS 7.5 (high): IDevSpot NexieAffiliate 1.9 and earlier allows remote attackers to delete arbitrary affiliates via a modified id parameter to delete.php.
CVE-2006-4894 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in forms/lostpassword.php in iDevSpot NixieAffiliate 1.9 and earlier allows remote attackers to…