CVEDB API

Vulnerabilities

Vulnerable Software

Fkrauthan: >> Phoenix View Cms >> 2-pre-alpha Security Vulnerabilities

CVE-2008-2533

Multiple cross-site scripting (XSS) vulnerabilities in Phoenix View CMS Pre Alpha2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ltarget parameter to (a) admin/admin_frame.php and the (2) conf parameter to (b) gbuch.admin.php, (c) links.admin.php, (d) menue.admin.php, (e) news.admin.php, and (f) todo.admin.php in admin/module/.

CVSS Score

4.3

EPSS Score

0.016

Published

2008-06-03

CVE-2008-2534

Directory traversal vulnerability in admin/admin_frame.php in Phoenix View CMS Pre Alpha2 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ltarget parameter.

CVSS Score

7.5

EPSS Score

0.015

Published

2008-06-03

CVE-2008-2535

Multiple SQL injection vulnerabilities in Phoenix View CMS Pre Alpha2 and earlier allow remote attackers to execute arbitrary SQL commands via the del parameter to (1) gbuch.admin.php, (2) links.admin.php, (3) menue.admin.php, (4) news.admin.php, and (5) todo.admin.php in admin/module/.

CVSS Score

7.5

EPSS Score

0.002

Published

2008-06-03

Page 1

Vulnerabilities

Vulnerable Software

Fkrauthan: >> Phoenix View Cms >> 2-pre-alpha Security Vulnerabilities

Products

Pricing

Contact Us