Vulnerabilities > Artiphp
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-05-21 | CVE-2012-2906 | Cross-Site Scripting vulnerability in Artiphp CMS 5.5.0 Multiple cross-site scripting (XSS) vulnerabilities in artpublic/recommandation/index.php in Artiphp CMS 5.5.0 Neo (r422) allow remote attackers to inject arbitrary web script or HTML via the (1) add_img_name_post, (2) asciiart_post, (3) expediteur, (4) titre_sav, or (5) z39d27af885b32758ac0e7d4014a61561 parameter. | 4.3 |
2012-05-21 | CVE-2012-2905 | Permissions, Privileges, and Access Controls vulnerability in Artiphp CMS 5.5.0 Artiphp CMS 5.5.0 Neo (r422) stores database backups with predictable names under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request. | 5.0 |