3 matches found
CVE-2008-3720
CVE-2008-3720 describes a SQL injection vulnerability in DeeEmm CMS (DMCMS) 0.7.4, where remote attackers can execute arbitrary SQL commands through the page parameter of index.php. The vulnerability is noted as overlapping with CVE-2007-5679 (id parameter in media page), indicating a reused vuln...
CVE-2008-3721
CVE-2008-3721 affects DeeEmm CMS (DMCMS) 0.7.4. The vulnerability is a PHP remote file inclusion in user_language.php triggered by a URL in the language_dir parameter, allowing remote attackers to execute arbitrary PHP code. The NVD/CVE records consistently describe this RFI flaw with CVSS v2 bas...
CVE-2007-5679
The CVE-2007-5679 entry describes a SQL injection in DeeEmm.com DM CMS, affecting version 0.7.0.Beta (via index.php’s media page build_media_content.php using the id parameter) and later reported to affect 0.7.4 as well. This allows remote attackers to execute arbitrary SQL commands. The connecte...