Drake Cms@* Security Vulnerabilities and Issues — Drake Cms@* CVE List

Lucene search

Drake TeamDrake Cms*

3 matches found

CVE•added 2007/04/03 4:19 p.m.•40 views

CVE-2007-1850

Directory traversal vulnerability in classes/captcha/captcha.jpg.php in Drake CMS allows remote attackers to read arbitrary files or list arbitrary directories, and obtain the installation path, via a .. (dot dot) in the d_private parameter. NOTE: Drake CMS has only a beta version available, and th...

5CVSS6.8AI score0.00181EPSS

CVE•added 2009/03/16 4:30 p.m.•36 views

CVE-2008-6475

SQL injection vulnerability in the guestbook component (components/guestbook/guestbook.php) in Drake CMS 0.4.11 and earlier allows remote attackers to execute arbitrary SQL commands via the Via HTTP header (HTTP_VIA) to index.php.

7.5CVSS8.7AI score0.00127EPSS

CVE•added 2006/11/06 11:7 p.m.•33 views

CVE-2006-5767

PHP remote file inclusion vulnerability in includes/xhtml.php in Drake CMS 0.2.2 alpha rev.846 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the d_root parameter.

6.8CVSS8AI score0.11174EPSS