Esyndicat Directory Security Vulnerabilities and Issues — Esyndicat Directory CVE List

Lucene search

EsyndicatEsyndicat Directory

2 matches found

CVE•added 2006/05/24 11:2 p.m.•41 views

CVE-2006-2578

admin/cron.php in eSyndicat Directory 1.2, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include arbitrary files and possibly execute arbitrary PHP code via a null-terminated value in the path_to_config parameter.

5.1CVSS7.5AI score0.00741EPSS

CVE•added 2007/07/17 12:30 a.m.•40 views

CVE-2007-3811

Multiple SQL injection vulnerabilities in eSyndiCat allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to news.php or (2) the name parameter to page.php.

7.5CVSS8.5AI score0.00782EPSS