Seditio@* Security Vulnerabilities and Issues — Seditio@* CVE List

Lucene search

NeocromeSeditio*

5 matches found

CVE•added 2007/07/30 5:30 p.m.•49 views

CVE-2007-4057

Unrestricted file upload vulnerability in pfs.php in Neocrome Seditio 121 and earlier allows remote authenticated users to upload arbitrary PHP code via a filename ending with (1) .php.gif, (2) .php.jpg, or (3) .php.png.

6.5CVSS6.7AI score0.02393EPSS

CVE•added 2006/11/30 4:28 p.m.•45 views

CVE-2006-6177

SQL injection vulnerability in system/core/users/users.profile.inc.php in Neocrome Seditio 1.10 and earlier allows remote authenticated users to execute arbitrary SQL commands via a double-url-encoded id parameter to users.php that begins with a valid filename, as demonstrated by "default.gif" foll...

7.5CVSS8.3AI score0.01594EPSS

CVE•added 2007/12/01 6:46 a.m.•41 views

CVE-2007-6202

SQL injection vulnerability in plugins/search/search.php in Neocrome Seditio CMS 121 and earlier allows remote attackers to execute arbitrary SQL commands via the pag_sub[] parameter to plug.php.

6.8CVSS8.4AI score0.00611EPSS

CVE•added 2006/12/07 1:28 a.m.•36 views

CVE-2006-6343

SQL injection vulnerability in polls.php in Neocrome Seditio 1.10 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

6.8CVSS8.4AI score0.0052EPSS

CVE•added 2006/12/07 1:28 a.m.•30 views

CVE-2006-6344

Multiple unspecified vulnerabilities in Neocrome Seditio 1.10 and earlier have unknown impact and attack vectors related to (1) plugins/ipsearch/ipsearch.admin.php, and (2) pfs/pfs.edit.inc.php, (3) users/users.register.inc.php in system/core. NOTE: the users.profile.inc.php vector is identified by...

7.5CVSS7.7AI score0.01594EPSS