Easyweb: Security Vulnerabilities
Multiple SQL injection vulnerabilities in index.php in Subjects 2.0 Postnuke module allow remote attackers to execute arbitrary SQL commands via the (1) pageid, (2) subid, or (3) catid parameters.
CVSS Score
7.5
EPSS Score
0.009
Published
2004-09-10
Directory traversal vulnerability in EasyWeb FileManager 1.0 RC-1 for PostNuke allows remote attackers to retrieve arbitrary files via a .. (dot dot) in the pathext parameter.
CVSS Score
5.0
EPSS Score
0.075
Published
2004-07-23