Interact@2.4.1 Security Vulnerabilities and Issues — Interact@2.4.1 CVE List

Lucene search

Cce-interactInteract2.4.1

3 matches found

CVE•added 2008/07/30 6:41 p.m.•35 views

CVE-2008-3384

Multiple directory traversal vulnerabilities in help/help.php in Interact Learning Community Environment Interact 2.4.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) module and (2) file parameters.

7.5CVSS7.3AI score0.06932EPSS

CVE•added 2008/11/03 7:36 p.m.•30 views

CVE-2008-3867

SQL injection vulnerability in spaces/emailuser.php in Interact 2.4.1 allows remote attackers to execute arbitrary SQL commands via the email_user_key parameter.

6.8CVSS8.4AI score0.00661EPSS

CVE•added 2008/11/03 7:36 p.m.•26 views

CVE-2008-3868

Cross-site request forgery (CSRF) vulnerability in Interact 2.4.1 allows remote attackers to hijack the authentication of super administrators for requests that create super administrator accounts.

6.8CVSS7.1AI score0.00164EPSS