Website Baker: >> Website Baker >> 2.5.2 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in Website Baker CMS before 2.6.4 allows remote attackers to inject arbitrary web script or HTML via a user display name.
CVSS Score
4.3
EPSS Score
0.005
Published
2006-05-11
SQL injection vulnerability in admin/login/index.php in Website Baker 2.6.0 allows remote attackers to execute arbitrary SQL commands via the username parameter, as used by the user field.
CVSS Score
7.5
EPSS Score
0.02
Published
2005-12-09