Koobi Pro Security Vulnerabilities and Issues — Koobi Pro CVE List

Lucene search

Dream4Koobi Pro

4 matches found

CVE•added 2006/07/18 3:46 p.m.•39 views

CVE-2006-3622

The showtopic module in Koobi Pro CMS 5.6 allows remote attackers to obtain sensitive information via a ' (single quote) in the p parameter, which displays the path in an error message. NOTE: it is not clear whether this is SQL injection or a forced SQL error.

5CVSS7.4AI score0.00277EPSS

CVE•added 2006/07/18 3:46 p.m.•35 views

CVE-2006-3621

SQL injection vulnerability in the showtopic module in Koobi Pro CMS 5.6 allows remote attackers to execute arbitrary SQL commands via the toid parameter.

7.5CVSS8.8AI score0.00341EPSS

CVE•added 2006/07/18 3:46 p.m.•34 views

CVE-2006-3620

Cross-site scripting (XSS) vulnerability in the showtopic module in Koobi Pro CMS 5.6 allows remote attackers to inject arbitrary web script or HTML via the toid parameter.

2.6CVSS5.7AI score0.00333EPSS

CVE•added 2008/03/03 10:44 p.m.•28 views

CVE-2008-1122

SQL injection vulnerability in the downloads module in Koobi Pro 5.7 allows remote attackers to execute arbitrary SQL commands via the categ parameter to index.php. NOTE: it was later reported that this also affects Koobi CMS 4.2.4, 4.2.5, and 4.3.0.

7.5CVSS8.2AI score0.00385EPSS