Sinecms: >> Sinecms >> 2.3.4 Security Vulnerabilities
Directory traversal vulnerability in mods/Integrated/index.php in SineCMS 2.3.5 and earlier, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via the sine[config][index_main] parameter.
CVSS Score
6.8
EPSS Score
0.021
Published
2009-09-04
Cross-site scripting (XSS) vulnerability in mods/Core/result.php in SineCms 2.3.4 allows remote attackers to inject arbitrary web script or HTML via the stringa parameter.
CVSS Score
6.8
EPSS Score
0.01
Published
2007-04-30