CVEDB API

Vulnerabilities

Vulnerable Software

Websitebaker: >> Websitebaker >> 2.8.1 Security Vulnerabilities

CVE-2011-4322

websitebaker prior to and including 2.8.1 has an authentication error in backup module.

CVSS Score

7.5

EPSS Score

0.003

Published

2020-01-21

CVE-2011-2933

An Arbitrary File Upload vulnerability exists in admin/media/upload.php in WebsiteBaker 2.8.1 and earlier due to a failure to restrict uploaded files with .htaccess, .php4, .php5, and .phtl extensions.

CVSS Score

7.2

EPSS Score

0.005

Published

2020-01-14

CVE-2011-2934

A Cross Site Request Forgery (CSRF) vulnerability exists in the administrator functions in WebsiteBaker 2.8.1 and earlier due to inadequate confirmation for sensitive transactions.

CVSS Score

8.8

EPSS Score

0.001

Published

2020-01-14

CVE-2017-7410

Multiple SQL injection vulnerabilities in account/signup.php and account/signup2.php in WebsiteBaker 2.10.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username, (2) display_name parameter.

CVSS Score

9.8

EPSS Score

0.017

Published

2017-04-03

Page 1

Vulnerabilities

Vulnerable Software

Websitebaker: >> Websitebaker >> 2.8.1 Security Vulnerabilities

Products

Pricing

Contact Us