| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-4401 | 5.0 |
languages.inc.php in DynPG CMS 4.2.0 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message.
|
25-03-2021 - 15:05 | 06-12-2010 - 13:37 | |
| CVE-2010-4399 | 4.3 |
Directory traversal vulnerability in languages.inc.php in DynPG CMS 4.1.1 and 4.2.0, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the CHG_DYNPG_SET_LANGUAGE parameter to index.php. NOTE: so
|
25-03-2021 - 15:05 | 06-12-2010 - 13:37 | |
| CVE-2010-4400 | 7.5 |
SQL injection vulnerability in _rights.php in DynPG CMS 4.2.0 allows remote attackers to execute arbitrary SQL commands via the giveRights_UserId parameter.
|
25-03-2021 - 15:05 | 06-12-2010 - 13:37 |