Multiple SQL injection vulnerabilities in index.php in ProfileCMS 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) codes action in the profile-codes module, (2) videos action in the video-codes module, or (3) games action in the arcade-games...
8.5AI Score
0.003EPSS
Unrestricted file upload vulnerability in the profiles script in ProfileCMS 1.0 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors involving creation of a...
7.6AI Score
0.023EPSS