Sweetrice@0.6.7.1 Security Vulnerabilities and Issues — Sweetrice@0.6.7.1 CVE List

Lucene search

Basic-cmsSweetrice0.6.7.1

3 matches found

CVE•added 2015/01/03 11:59 a.m.•39 views

CVE-2010-5318

The password-reset feature in as/index.php in SweetRice CMS before 0.6.7.1 allows remote attackers to modify the administrator's password by specifying the administrator's e-mail address in the email parameter.

4.3CVSS7AI score0.03428EPSS

CVE•added 2015/01/03 11:59 a.m.•34 views

CVE-2010-5317

Multiple SQL injection vulnerabilities in index.php in SweetRice CMS before 0.6.7.1 allow remote attackers to execute arbitrary SQL commands via (1) the file_name parameter in an attachment action, (2) the post parameter in a show_comment action, (3) the sys-name parameter in an rssfeed action, or ...

7.5CVSS8.7AI score0.00225EPSS

CVE•added 2015/01/03 11:59 a.m.•28 views

CVE-2010-5316

Cross-site scripting (XSS) vulnerability in as/index.php in SweetRice CMS before 0.6.7.1 allows remote attackers to inject arbitrary web script or HTML via a top_height cookie.

4.3CVSS5.8AI score0.00225EPSS