| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-5046 | 4.3 |
Cross-site scripting (XSS) vulnerability in admin.php in ecoCMS allows remote attackers to inject arbitrary web script or HTML via the p parameter.
|
10-10-2018 - 20:08 | 23-11-2011 - 01:55 | |
| CVE-2008-7123 | 6.8 |
Static code injection vulnerability in admin/configuration/modifier.php in zKup CMS 2.0 through 2.3 allows remote attackers to inject arbitrary PHP code into fichiers/config.php via a null byte (%00) in the login parameter in an ajout action, which b
|
29-09-2017 - 01:33 | 31-08-2009 - 10:30 | |
| CVE-2008-7124 | 7.5 |
zKup CMS 2.0 through 2.3 does not require administrative authentication for admin/configuration/modifier.php, which allows remote attackers to gain administrator privileges via a direct request, as demonstrated by adding a new administrator.
|
29-09-2017 - 01:33 | 31-08-2009 - 10:30 | |
| CVE-2005-0663 | 7.5 |
SQL injection vulnerability in index.php for MercuryBoard 1.1.2 allows remote attackers to inject arbitrary SQL commands via the f parameter.
|
11-07-2017 - 01:32 | 02-05-2005 - 04:00 | |
| CVE-2004-1825 | 4.3 |
Cross-site scripting (XSS) vulnerability in index.php in Mambo Open Source 4.5 stable 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) return or (2) mos_change_template parameters.
|
11-07-2017 - 01:31 | 16-03-2004 - 05:00 | |
| CVE-2005-0662 | 4.3 |
Cross-site scripting (XSS) vulnerability in index.php for MercuryBoard 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the Avatar field.
|
05-09-2008 - 20:46 | 02-05-2005 - 04:00 |