Tribiq Cms Security Vulnerabilities and Issues — Tribiq Cms CVE List

Lucene search

TribiqTribiq Cms

8 matches found

CVE•added 2014/12/30 2:59 a.m.•47 views

CVE-2011-2727

The (1) templatewrap/templatefoot.php, (2) cmsjs/plugin.js.php, and (3) cmsincludes/cms_plugin_api_link.inc.php scripts in Tribal Tribiq CMS before 5.2.7c allow remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message.

4.3CVSS6.3AI score0.0025EPSS

CVE•added 2009/05/11 8:30 p.m.•39 views

CVE-2008-6804

Tribiq CMS 5.0.9a beta allows remote attackers to bypass authentication and gain administrative access by setting the COOKIE_LAST_ADMIN_USER and COOKIE_LAST_ADMIN_LANG cookies. NOTE: a third party reports that the vendor disputes the existence of this issue

7.5CVSS7.3AI score0.01767EPSS

CVE•added 2009/06/26 3:30 p.m.•39 views

CVE-2009-2220

Multiple directory traversal vulnerabilities in Tribiq CMS 5.0.12c, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote attackers to include and possibly execute arbitrary files via directory traversal sequences in the template_path parameter to (1) masthead.inc.php, (2)...

5.1CVSS7.6AI score0.01681EPSS

CVE•added 2008/11/04 12:58 a.m.•34 views

CVE-2008-4894

Directory traversal vulnerability in templates/mytribiqsite/tribal-GPL-1066/includes/header.inc.php in Tribiq CMS 5.0.10a, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the...

5.1CVSS7.2AI score0.01488EPSS

CVE•added 2009/01/23 7:0 p.m.•32 views

CVE-2008-5961

Cross-site scripting (XSS) vulnerability in index.php in Tribiq CMS Community 5.0.10B and 5.0.11E allows remote attackers to inject arbitrary web script or HTML via the cID parameter in a document action. NOTE: the provenance of this information is unknown; the details are obtained solely from thir...

4.3CVSS5.7AI score0.00263EPSS

CVE•added 2008/11/04 12:58 a.m.•31 views

CVE-2008-4893

Cross-site scripting (XSS) vulnerability in templates/mytribiqsite/tribal-GPL-1066/includes/header.inc.php in Tribiq CMS 5.0.10a, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the template_path parameter. NOTE: the provenance of this informatio...

2.6CVSS5.6AI score0.00172EPSS

CVE•added 2012/10/08 5:55 p.m.•30 views

CVE-2012-5312

SQL injection vulnerability in Tribiq CMS allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.

7.5CVSS8.7AI score0.00178EPSS

CVE•added 2009/01/23 7:0 p.m.•28 views

CVE-2008-5960

SQL injection vulnerability in index.php in Tribiq CMS Community 5.0.10B and 5.0.11E allows remote attackers to execute arbitrary SQL commands via the cID parameter in a document action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informatio...

7.5CVSS8.3AI score0.00366EPSS