Bandsite Cms Security Vulnerabilities and Issues — Bandsite Cms CVE List

Lucene search

GrayscaleBandsite Cms

3 matches found

CVE•added 2006/09/26 2:7 a.m.•39 views

CVE-2006-4984

Multiple PHP remote file inclusion vulnerabilities in Grayscale BandSite CMS allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[root_path] parameter in (1) adminpanel/includes/mailinglist/mlist_xls.php and (2) adminpanel/includes/add_forms/addmp3.php. NOTE: the other vect...

7.5CVSS7.5AI score0.0328EPSS

CVE•added 2006/09/26 2:7 a.m.•38 views

CVE-2006-4985

Multiple cross-site scripting (XSS) vulnerabilities in Grayscale BandSite CMS allow remote attackers to inject arbitrary web script or HTML via (1) the max_file_size_purdy parameter in adminpanel/includes/helpfiles/help_mp3.php, (2) the message_text parameter in adminpanel/includes/mailinglist/send...

4.3CVSS6AI score0.0049EPSS

CVE•added 2006/09/26 2:7 a.m.•30 views

CVE-2006-4986

Grayscale BandSite CMS allows remote attackers to obtain sensitive information via a direct request for (1) certain files in the includes/content directory, (2) includes/shows_preview.php, and (3) adminpanel/configform.php; and files in adminpanel/includes/ including (4) mailinglist/disphtmltbl.php...

5CVSS6.6AI score0.00389EPSS