Cms Faethon Security Vulnerabilities

CVE-2009-5094

SQL injection vulnerability in info.php in CMS Faethon 2.2.0 Ultimate allows remote attackers to execute arbitrary SQL commands via the item...

CVE-2008-2128

PHP remote file inclusion vulnerability in templates/header.php in CMS Faethon 2.2 Ultimate allows remote attackers to execute arbitrary PHP code via a URL in the mainpath parameter, a different vulnerability than CVE-2006-5588 and...

CVE-2008-2127

Cross-site scripting (XSS) vulnerability in search.php in CMS Faethon 2.2 Ultimate allows remote attackers to inject arbitrary web script or HTML via the what parameter. NOTE: some of these details are obtained from third party...

CVE-2006-5588

Multiple PHP remote file inclusion vulnerabilities in CMS Faethon 2.0 Ultimate and earlier, when register_globals and magic_quotes_gpc are enabled, allow remote attackers to execute arbitrary PHP code via a URL in the mainpath parameter to (1) includes/rss-reader.php or (2) admin/config.php,...

CVE-2006-3185

PHP remote file inclusion vulnerability in data/header.php in CMS Faethon 1.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the mainpath...

CVE-2006-3186

Multiple cross-site scripting (XSS) vulnerabilities in CMS Faethon 1.3.2 allow remote attackers to inject arbitrary web script or HTML via the mainpath parameter to (1) data/footer.php and (2) admin/header.php. NOTE: the provenance of this information is unknown; the details are obtained from...