Zanfi Cms Lite Security Vulnerabilities and Issues — Zanfi Cms Lite CVE List

Lucene search

Zanfi SolutionsZanfi Cms Lite

4 matches found

CVE•added 2005/07/10 4:0 a.m.•42 views

CVE-2004-2196

Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and others.

5CVSS7.1AI score0.01281EPSS

CVE•added 2008/09/22 6:34 p.m.•40 views

CVE-2008-4158

Multiple directory traversal vulnerabilities in index.php in Zanfi CMS lite 1.2 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) flag and (2) inc parameters.

6.8CVSS7.3AI score0.01124EPSS

CVE•added 2008/09/22 6:34 p.m.•40 views

CVE-2008-4159

SQL injection vulnerability in index.php in Jaw Portal and Zanfi CMS lite and allows remote attackers to execute arbitrary SQL commands via the page (pageid) parameter.

7.5CVSS8.4AI score0.00144EPSS

CVE•added 2005/07/10 4:0 a.m.•37 views

CVE-2004-2195

PHP remote file inclusion vulnerability in index.php in Zanfi CMS lite 1.1 allows remote attackers to execute arbitrary PHP code via the inc parameter.

5CVSS7.6AI score0.00827EPSS