Cuteflow Security Vulnerabilities and Issues — Cuteflow CVE List

Lucene search

Emedia Office GmbhCuteflow

3 matches found

CVE•added 2008/04/02 5:44 p.m.•35 views

CVE-2008-1632

Multiple SQL injection vulnerabilities in CuteFlow 2.10.0 allow remote authenticated users to execute arbitrary SQL commands via the (1) listid parameter to pages/editmailinglist_step1.php, the (2) userid parameter to pages/edituser.php, the (3) fieldid parameter to pages/editfield.php, and the (4)...

7.5CVSS7.8AI score0.00366EPSS

CVE•added 2008/04/02 5:44 p.m.•33 views

CVE-2008-1630

Multiple cross-site scripting (XSS) vulnerabilities in CuteFlow 1.5.0 and 2.10.0 allow remote attackers to inject arbitrary web script or HTML via the language parameter to (1) page/showcirculation.php; and (2) edittemplate_step2.php, (3) showfields.php, (4) showuser.php, (5) editmailinglist_step1....

4.3CVSS5.7AI score0.00329EPSS

CVE•added 2008/04/02 5:44 p.m.•23 views

CVE-2008-1631

SQL injection vulnerability in login.php in CuteFlow 1.5.0 and 2.10.0 allows remote attackers to execute arbitrary SQL commands via the UserId parameter, related to the login form field in index.php.

7.5CVSS8.4AI score0.00397EPSS