Lucene search
K

6 matches found

CVE
CVE
added 2009/08/24 10:0 a.m.45 views

CVE-2008-7034

CVE-2008-7034 affects PHPEcho CMS 2.0 rc3 due to a PHP remote file inclusion in kernel/smarty/Smarty.class.php. The vulnerability allows an attacker to execute arbitrary PHP code by supplying a URL that influences the _smarty_compile_path in the fetch function. Exploitation details are not provid...

7.5CVSS7.8AI score0.01514EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2009/07/09 4:30 p.m.18 views

CVE-2009-2401

Cross-site scripting XSS vulnerability in PHPEcho CMS 2.0-rc3 allows remote attackers to inject arbitrary web script or HTML via a forum post...

4.3CVSS5.6AI score0.01475EPSS
Exploits1References3
NVD
NVD
added 2007/04/12 1:19 a.m.17 views

CVE-2007-1987

Multiple PHP remote file inclusion vulnerabilities in PHPEcho CMS 2.0 allow remote attackers to execute arbitrary PHP code via a URL in the 1 pluginfile parameter to smarty/internals/core.loadpulgins.php or the 2 rootpath parameter to index.php. NOTE: CVE disputes 1 because the inclusion occurs...

7.5CVSS7.7AI score0.01356EPSS
Exploits0References3
Prion
Prion
added 2007/04/12 1:19 a.m.24 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in PHPEcho CMS 2.0 allow remote attackers to execute arbitrary PHP code via a URL in the 1 pluginfile parameter to smarty/internals/core.loadpulgins.php or the 2 rootpath parameter to index.php. NOTE: CVE disputes 1 because the inclusion occurs...

7.5CVSS7.9AI score0.01356EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2007/04/12 1:0 a.m.47 views

CVE-2007-1988

CVE-2007-1988: XSS in PHPEcho CMS 2.0 caused by kernel/filters.inc.php handling the id parameter. Remote attacker can inject arbitrary script/HTML. The NVD CVSS2 base score is 4.3 (Medium) with no confidentiality/availability impact, partial integrity impact. No exploitation details or remediatio...

4.3CVSS5.7AI score0.01028EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2007/04/12 1:0 a.m.53 views

CVE-2007-1987

PHPEcho CMS 2.0 is affected by multiple PHP remote file inclusion vulnerabilities. An attacker can cause arbitrary PHP code execution via (1) the _plugin_file parameter to smarty/internals/core.load_pulgins.php and (2) the root_path parameter to index.php. The issue for (1) is mitigated by CVE no...

7.5CVSS7.7AI score0.01356EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder