Vulnerabilities > 60Cyclecms Project > 60Cyclecms > 2.5.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-09-23 | CVE-2011-3696 | Information Exposure vulnerability in 60Cyclecms Project 60Cyclecms 2.5.2 60cycleCMS 2.5.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by post.php and certain other files. | 5.0 |
2010-05-19 | CVE-2010-1951 | Path Traversal vulnerability in 60Cyclecms Project 60Cyclecms 2.5.2 Multiple directory traversal vulnerabilities in 60cycleCMS allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the DOCUMENT_ROOT parameter to (1) news.php, (2) submitComment.php, and (3) sqlConnect.php. | 6.8 |