Toendacms Security Vulnerabilities and Issues — Toendacms CVE List

Lucene search

Toenda Software DevelopmentToendacms

3 matches found

CVE•added 2006/07/06 8:5 p.m.•45 views

CVE-2006-3362

Unrestricted file upload vulnerability in connectors/php/connector.php in FCKeditor mcpuk file manager, as used in (1) Geeklog 1.4.0 through 1.4.0sr3, (2) toendaCMS 1.0.0 Shizouka Stable and earlier, (3) WeBid 0.5.4, and possibly other products, when installed on Apache with mod_mime, allows remote...

5.1CVSS7.6AI score0.1422EPSS

CVE•added 2005/11/16 7:42 a.m.•44 views

CVE-2005-3550

Directory traversal vulnerability in admin.php in toendaCMS before 0.6.2 allows remote attackers to access arbitrary files via a .. (dot dot) in the id_user parameter.

5CVSS6.8AI score0.03482EPSS

CVE•added 2005/11/16 7:42 a.m.•40 views

CVE-2005-3551

toendaCMS before 0.6.2 stores user account and session data in the web root directory, which allows remote attackers to obtain sensitive information via a direct request to the appropriate XML file.

5CVSS6.2AI score0.00346EPSS