Artmedic Webdesign: >> Artmedic Cms Security Vulnerabilities
Incomplete blacklist vulnerability in index.php in Artmedic CMS 3.4 and earlier allows remote attackers to execute arbitrary PHP code via a (1) UNC share pathname, or a (2) ftps, (3) ssh2.sftp, or (4) ssh2.scp URL, in the page parameter, for which PHP remote file inclusion is blocked only for http, https, and ftp URLs.
CVSS Score
6.8
EPSS Score
0.027
Published
2007-10-19
Directory traversal vulnerability in index.php in Artmedic CMS 3.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
CVSS Score
7.5
EPSS Score
0.037
Published
2007-10-17