Vulnerabilities > 60Cyclecms Project

DATE CVE VULNERABILITY TITLE RISK
2011-09-23 CVE-2011-3696 Information Exposure vulnerability in 60Cyclecms Project 60Cyclecms 2.5.2
60cycleCMS 2.5.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by post.php and certain other files.
network
low complexity
60cyclecms-project CWE-200
5.0
2010-05-19 CVE-2010-1951 Path Traversal vulnerability in 60Cyclecms Project 60Cyclecms 2.5.2
Multiple directory traversal vulnerabilities in 60cycleCMS allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the DOCUMENT_ROOT parameter to (1) news.php, (2) submitComment.php, and (3) sqlConnect.php.
6.8