Else If Cms@0.6-beta Security Vulnerabilities and Issues — Else If Cms@0.6-beta CVE List

Lucene search

Yannick TanguyElse If Cms0.6-beta

4 matches found

CVE•added 2007/10/09 6:17 p.m.•44 views

CVE-2007-5307

ELSEIF CMS Beta 0.6 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code by uploading a .php file via externe/swfupload/upload.php. NOTE: it could ...

7.5CVSS7.2AI score0.04365EPSS

CVE•added 2007/10/09 6:17 p.m.•38 views

CVE-2007-5305

Multiple PHP remote file inclusion vulnerabilities in ELSEIF CMS Beta 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the (1) contenus parameter to (a) contenus.php; the (2) tpelseifportalrepertoire parameter to (b) votes.php, (c) espaceperso.php, (d) enregistrement.php, (e) c...

7.5CVSS7.7AI score0.04492EPSS

CVE•added 2007/10/09 6:17 p.m.•37 views

CVE-2007-5304

Multiple cross-site scripting (XSS) vulnerabilities in ELSEIF CMS Beta 0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) repertimage parameter to utilisateurs/vousetesbannis.php, the (2) elseifvotetxtresultatduvote parameter to utilisateurs/votesresultats.php, and the (3...

4.3CVSS5.8AI score0.03729EPSS

CVE•added 2007/10/09 6:17 p.m.•34 views

CVE-2007-5306

ELSEIF CMS Beta 0.6 allows remote attackers to obtain sensitive information (full path) via unspecified vectors to utilisateurs/votesresultats.php.

5CVSS6.2AI score0.02292EPSS