Content Management System Security Vulnerabilities and Issues — Content Management System CVE List

Lucene search

Exv2Content Management System

3 matches found

cve•added 2007/04/11 10:19 a.m.•37 views

CVE-2007-1965

Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.0.4.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the set_lang parameter to (1) archive.php, (2) article.php, (3) index.php, or (4) topics.php.

4.3CVSS5.6AI score0.003EPSS

cve•added 2007/08/15 7:17 p.m.•37 views

CVE-2007-4365

Cross-site scripting (XSS) vulnerability in eXV2 CMS 2.0.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a set_lang cookie to an unspecified component. NOTE: this may overlap CVE-2007-1965.

4.3CVSS5.7AI score0.00329EPSS

cve•added 2007/03/02 9:18 p.m.•29 views

CVE-2006-7080

Directory traversal vulnerability in the avatar upload feature in exV2 2.0.4.3 and earlier allows remote attackers to delete arbitrary files via ".." sequences in the old_avatar parameter.

4.3CVSS7.2AI score0.03124EPSS