Webedition Cms@6.2.7.0 Security Vulnerabilities and Issues — Webedition Cms@6.2.7.0 CVE List

Lucene search

WebeditionWebedition Cms6.2.7.0

2 matches found

CVE•added 2014/06/13 2:55 p.m.•35 views

CVE-2014-2303

Multiple SQL injection vulnerabilities in the file browser component (we_fs.php) in webEdition CMS before 6.2.7-s1.2 and 6.3.x through 6.3.8 before -s1 allow remote attackers to execute arbitrary SQL commands via the (1) table or (2) order parameter.

7.5CVSS8.7AI score0.04029EPSS

CVE•added 2018/07/19 5:29 p.m.•33 views

CVE-2014-2302

The installer script in webEdition CMS before 6.2.7-s1 and 6.3.x before 6.3.8-s1 allows remote attackers to conduct PHP Object Injection attacks by intercepting a request to update.webedition.org.

9.8CVSS9.4AI score0.15675EPSS