CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Phpecho Cms: >> Phpecho Cms >> 2.0-rc3 Security Vulnerabilities

CVE-2009-2401

Cross-site scripting (XSS) vulnerability in PHPEcho CMS 2.0-rc3 allows remote attackers to inject arbitrary web script or HTML via a forum post.

CVSS Score

4.3

EPSS Score

0.01

Published

2009-07-09

CVE-2009-2402

SQL injection vulnerability in index.php in the forum module in PHPEcho CMS 2.0-rc3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a thread action, a different vector than CVE-2008-0355.

CVSS Score

7.5

EPSS Score

0.003

Published

2009-07-09

Page 1

Vulnerabilities

Vulnerable Software

Phpecho Cms: >> Phpecho Cms >> 2.0-rc3 Security Vulnerabilities

Products

Pricing

Contact Us