Shodan
Vulnerabilities
Vulnerable Software
Agares Media:  Security Vulnerabilities
CVE-2008-6040
SQL injection vulnerability in index.php in Arcadem Pro 2.700 through 2.802 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter, probably related to includes/articleblock.php.
CVSS Score
7.5
EPSS Score
0.005
Published
2009-02-03
CVE-2008-0432
Cross-site scripting (XSS) vulnerability in index.php in phpAutoVideo 2.21 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat parameter.
CVSS Score
4.3
EPSS Score
0.005
Published
2008-01-23
CVE-2008-0433
PHP remote file inclusion vulnerability in theme/phpAutoVideo/LightTwoOh/sidebar.php in Agares phpAutoVideo 2.21 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the loadpage parameter, a different vector than CVE-2007-6614.
CVSS Score
7.5
EPSS Score
0.021
Published
2008-01-23
CVE-2008-0262
SQL injection vulnerability in includes/articleblock.php in Agares PhpAutoVideo 2.21 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2008-01-15
CVE-2007-6614
PHP remote file inclusion vulnerability in admin/frontpage_right.php in Agares Media phpAutoVideo 2.21 allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter, a related issue to CVE-2007-6542.
CVSS Score
6.8
EPSS Score
0.025
Published
2008-01-03
CVE-2007-6615
Directory traversal vulnerability in includes/block.php in Agares Media phpAutoVideo 2.21 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the selected_provider parameter.
CVSS Score
6.8
EPSS Score
0.031
Published
2008-01-03
CVE-2007-6542
PHP remote file inclusion vulnerability in admin/frontpage_right.php in Arcadem LE 2.04 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter.
CVSS Score
7.5
EPSS Score
0.018
Published
2007-12-27
CVE-2007-4551
PHP remote file inclusion vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary PHP code via a URL in the loadpage parameter.
CVSS Score
7.5
EPSS Score
0.022
Published
2007-08-28
CVE-2007-4552
SQL injection vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary SQL commands via the blockpage parameter. NOTE: as of 20070827, the vendor has made conflicting statements regarding whether this issue exists or not.
CVSS Score
7.5
EPSS Score
0.003
Published
2007-08-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved