Siteatschool Security Vulnerabilities and Issues — Siteatschool CVE List

Lucene search

SiteatschoolSiteatschool

4 matches found

CVE•added 2006/09/21 1:7 a.m.•46 views

CVE-2006-4922

Unrestricted file upload vulnerability in starnet/editors/htmlarea/popups/images.php in Site@School (S@S) 2.4.02 and earlier allows remote attackers to upload and execute arbitrary files with executable extensions.

5CVSS7.8AI score0.06015EPSS

CVE•added 2006/09/21 1:7 a.m.•35 views

CVE-2006-4920

Multiple PHP remote file inclusion vulnerabilities in Site@School (S@S) 2.4.02 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the cmsdir parameter to (1) starnet/modules/sn_allbum/slideshow.php, and (2) starnet/themes/editable/main.inc.php.

7.5CVSS7.6AI score0.12259EPSS

CVE•added 2006/09/21 1:7 a.m.•35 views

CVE-2006-4921

PHP remote file inclusion vulnerability in Site@School (S@S) 2.4.03 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cmsdir parameter to starnet/modules/include/include.php. NOTE: some of these details are obtained from third party information.

7.5CVSS7.6AI score0.06847EPSS

CVE•added 2006/09/21 1:7 a.m.•27 views

CVE-2006-4919

Directory traversal vulnerability in starnet/editors/htmlarea/popups/images.php in Site@School (S@S) 2.4.02 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter.

2.6CVSS7AI score0.01011EPSS