4 matches found
CVE-2006-1634
CVE-2006-1634 corresponds to a cross-site scripting (XSS) vulnerability in LucidCMS 2.0.0 RC4, exploitable via the command parameter in index.php. The XSS could allow remote attackers to inject arbitrary script/HTML. Affected product is LucidCMS 2.0.0 RC4; root cause is improper handling of user-...
CVE-2005-3130
CVE-2005-3130 : LucidCMS 1.0.11 is affected by an SQL injection in the login field that allows remote attackers to execute arbitrary SQL commands. The NVD entry lists a CVSSv2 base score of 7.5 (HIGH) with network access, low attack complexity, no authentication, and partial impacts on confidenti...
CVE-2005-3127
LucidCMS 1.0.11 is affected by a Cross-site scripting (XSS) vulnerability in index.php, exploitable via the query string to inject arbitrary script/HTML. The provided sources confirm the vulnerability description but do not specify a patch version or mitigation. Exploitation details or in-the-wil...
CVE-2006-1635
CVE-2006-1635 affects LucidCMS 2.0.0 RC4. The vulnerability arises from a direct request to /lucid_phplib/translator.php, where an error message reveals the server path, enabling remote disclosure of sensitive information. No explicit exploit details or in‑the‑wild data are provided in the docume...