SQL injection vulnerability in admin/ops/findip/ajax/search.php in 1024 CMS 1.3.1 allows remote attackers to execute arbitrary SQL commands via the ip parameter.
8.4AI Score
0.002EPSS
Multiple directory traversal vulnerabilities in 1024 CMS 1.3.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the lang parameter to pages/print/default/ops/news.php or (2) the theme_dir parameter to pages/download/default/ops/search.php; or the admin_t...
7.3AI Score
0.011EPSS
SQL injection vulnerability in includes/system.php in 1024 CMS 1.4.2 beta and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a cookpass cookie.
8.3AI Score
0.002EPSS