Kasseler-Cms: >> Kasseler Cms >> 1.3.0 Security Vulnerabilities
Directory traversal vulnerability in Kasseler CMS 1.3.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to index.php, possibly related to the phpManual module.
CVSS Score
5.0
EPSS Score
0.019
Published
2008-07-09
Cross-site scripting (XSS) vulnerability in the Files module in Kasseler CMS 1.3.0 and 1.3.1 Lite allows remote attackers to inject arbitrary web script or HTML via the cid parameter in a Category action to index.php.
CVSS Score
4.3
EPSS Score
0.015
Published
2008-07-09