CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Webedition: >> Webedition Cms >> 6.3.8 Security Vulnerabilities

CVE-2014-2302

The installer script in webEdition CMS before 6.2.7-s1 and 6.3.x before 6.3.8-s1 allows remote attackers to conduct PHP Object Injection attacks by intercepting a request to update.webedition.org.

CVSS Score

9.8

EPSS Score

0.157

Published

2018-07-19

CVE-2014-5258

Directory traversal vulnerability in showTempFile.php in webEdition CMS before 6.3.9.0 Beta allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter.

CVSS Score

4.0

EPSS Score

0.835

Published

2014-11-06

Page 1

Vulnerabilities

Vulnerable Software

Webedition: >> Webedition Cms >> 6.3.8 Security Vulnerabilities

Products

Pricing

Contact Us