Lucene search

K

Phpecho Cms Security Vulnerabilities

cve
cve

CVE-2008-7034

PHP remote file inclusion vulnerability in kernel/smarty/Smarty.class.php in PHPEcho CMS 2.0 rc3 allows remote attackers to execute arbitrary PHP code via a URL in unspecified vectors that modify the _smarty_compile_path variable in the fetch...

8.3AI Score

0.006EPSS

2009-08-24 10:30 AM
21
cve
cve

CVE-2009-2401

Cross-site scripting (XSS) vulnerability in PHPEcho CMS 2.0-rc3 allows remote attackers to inject arbitrary web script or HTML via a forum...

6.2AI Score

0.002EPSS

2009-07-09 04:30 PM
17
cve
cve

CVE-2009-2402

SQL injection vulnerability in index.php in the forum module in PHPEcho CMS 2.0-rc3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a thread action, a different vector than...

8.7AI Score

0.001EPSS

2009-07-09 04:30 PM
17
cve
cve

CVE-2008-0355

SQL injection vulnerability in index.php in the forum module in PHPEcho CMS, probably 2.0-rc3 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action, a different vector than...

8.6AI Score

0.001EPSS

2008-01-18 10:00 PM
25
cve
cve

CVE-2007-3335

Multiple SQL injection vulnerabilities in the admin panel in PHPEcho CMS before 1.6 allow remote attackers to execute arbitrary SQL commands via unspecified...

9.5AI Score

0.002EPSS

2007-06-21 07:30 PM
21
cve
cve

CVE-2007-2866

Multiple SQL injection vulnerabilities in modules/admin/modules/gallery.php in PHPEcho CMS 2.0-rc1 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter and possibly other parameters. NOTE: some of these details are obtained from third party...

8.9AI Score

0.002EPSS

2007-05-25 06:30 PM
20
cve
cve

CVE-2007-1988

Cross-site scripting (XSS) vulnerability in kernel/filters.inc.php in PHPEcho CMS 2.0 allows remote attackers to inject arbitrary web script or HTML via the id...

5.9AI Score

0.002EPSS

2007-04-12 01:19 AM
21
cve
cve

CVE-2007-1987

Multiple PHP remote file inclusion vulnerabilities in PHPEcho CMS 2.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) _plugin_file parameter to smarty/internals/core.load_pulgins.php or the (2) root_path parameter to index.php. NOTE: CVE disputes (1) because the...

7.9AI Score

0.011EPSS

2007-04-12 01:19 AM
23