Matteoiammarrone: >> S-Cms >> 1.1 Security Vulnerabilities
Directory traversal vulnerability in plugin.php in S-Cms 1.1 Stable and 1.5.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter.
CVSS Score
7.5
EPSS Score
0.013
Published
2009-05-01
SQL injection vulnerability in admin/delete_page.php in S-Cms 1.1 Stable allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVSS Score
7.5
EPSS Score
0.005
Published
2009-03-10
S-Cms 1.1 Stable allows remote attackers to bypass authentication and obtain administrative access via an OK value for the login cookie.
CVSS Score
7.5
EPSS Score
0.007
Published
2009-03-10