CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Exhibit Engine: Security Vulnerabilities

CVE-2006-5292

PHP remote file inclusion vulnerability in photo_comment.php in Exhibit Engine 1.5 RC 4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the toroot parameter.

CVSS Score

7.5

EPSS Score

0.041

Published

2006-10-16

CVE-2005-1875

Multiple SQL injection vulnerabilities in list.php in Exhibit Engine (EE) 1.22 allow remote attackers to execute arbitrary SQL commands via the (1) search_row, (2) sort_row, (3) order or (4) perpage parameter.

CVSS Score

7.5

EPSS Score

0.007

Published

2005-06-02

Page 1

Vulnerabilities

Vulnerable Software

Exhibit Engine: Security Vulnerabilities

Products

Pricing

Contact Us