inoutscripts CVE Vulnerabilities & Metrics

Focus on inoutscripts vulnerabilities and metrics.

Last updated: 29 Mar 2026, 22:25 UTC

About inoutscripts Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with inoutscripts. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total inoutscripts CVEs: 8
Earliest CVE date: 16 Sep 2009, 19:30 UTC
Latest CVE date: 12 Mar 2026, 16:16 UTC

Latest CVE reference: CVE-2019-25528

Rolling Stats

30-day Count (Rolling): 4
365-day Count (Rolling): 4

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical inoutscripts CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 2.39

Max CVSS: 6.5

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	5
4.0-6.9	4
7.0-8.9	0
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS inoutscripts CVEs

These are the five CVEs with the highest CVSS scores for inoutscripts, sorted by severity first and recency.

CVE-2009-3223 inoutscripts Published on 16 Sep 2009, 19:30 UTC (CVSS: 6.5)
SQL injection vulnerability in ppc-add-keywords.php in Inout Adserver allows remote authenticated users to execute arbitrary SQL commands via the id parameter.
CVE-2022-31489 inoutscripts Published on 23 May 2022, 20:16 UTC (CVSS: 5.0)
Inout Blockchain AltExchanger 1.2.1 allows index.php/home/about inoutio_language cookie SQL injection.
CVE-2022-31488 inoutscripts Published on 23 May 2022, 20:16 UTC (CVSS: 5.0)
Inout Blockchain AltExchanger 1.2.1 allows index.php/coins/update_marketboxslider marketcurrency SQL injection.
CVE-2022-31487 inoutscripts Published on 23 May 2022, 20:16 UTC (CVSS: 5.0)
Inout Blockchain AltExchanger 1.2.1 and Inout Blockchain FiatExchanger 2.2.1 allow Chart/TradingView/chart_content/master.php symbol SQL injection.
CVE-2019-25528 inoutscripts Published on 12 Mar 2026, 16:16 UTC (CVSS: 0)
Inout EasyRooms Ultimate Edition v1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the property1 parameter. Attackers can send POST requests to the search/searchdetailed endpoint with malicious SQL payloads to extract sensitive data or modify database contents.

All CVEs for inoutscripts

CVE-2019-25528 inoutscripts vulnerability CVSS: 0 12 Mar 2026, 16:16 UTC

Inout EasyRooms Ultimate Edition v1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the property1 parameter. Attackers can send POST requests to the search/searchdetailed endpoint with malicious SQL payloads to extract sensitive data or modify database contents.

CVE-2019-25527 inoutscripts vulnerability CVSS: 0 12 Mar 2026, 16:16 UTC

Inout EasyRooms Ultimate Edition v1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the numguest parameter. Attackers can send POST requests to the search/searchdetailed endpoint with malicious SQL payloads to bypass authentication, extract sensitive data, or modify database contents.

CVE-2019-25526 inoutscripts vulnerability CVSS: 0 12 Mar 2026, 16:16 UTC

Inout EasyRooms Ultimate Edition v1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the location parameter. Attackers can send POST requests to the search/searchdetailed endpoint with malicious SQL payloads in the location field to extract sensitive data or modify database contents.

CVE-2019-25525 inoutscripts vulnerability CVSS: 0 12 Mar 2026, 16:16 UTC

Inout EasyRooms Ultimate Edition v1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the guests parameter. Attackers can send POST requests to the search/rentals endpoint with malicious SQL payloads to bypass authentication, extract sensitive data, or modify database contents.

CVE-2022-34988 inoutscripts vulnerability CVSS: 0 26 Jul 2022, 13:15 UTC

Inout Blockchain AltExchanger v1.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/js.

CVE-2022-31489 inoutscripts vulnerability CVSS: 5.0 23 May 2022, 20:16 UTC

Inout Blockchain AltExchanger 1.2.1 allows index.php/home/about inoutio_language cookie SQL injection.

CVE-2022-31488 inoutscripts vulnerability CVSS: 5.0 23 May 2022, 20:16 UTC

Inout Blockchain AltExchanger 1.2.1 allows index.php/coins/update_marketboxslider marketcurrency SQL injection.

CVE-2022-31487 inoutscripts vulnerability CVSS: 5.0 23 May 2022, 20:16 UTC

Inout Blockchain AltExchanger 1.2.1 and Inout Blockchain FiatExchanger 2.2.1 allow Chart/TradingView/chart_content/master.php symbol SQL injection.

CVE-2009-3223 inoutscripts vulnerability CVSS: 6.5 16 Sep 2009, 19:30 UTC

SQL injection vulnerability in ppc-add-keywords.php in Inout Adserver allows remote authenticated users to execute arbitrary SQL commands via the id parameter.