Vulnerabilities > Atarone
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-10-08 | CVE-2008-4489 | Path Traversal vulnerability in Atarone 1.2.0 Directory traversal vulnerability in ap-save.php in Atarone CMS 1.2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the theme_chosen parameter. | 10.0 |
2008-10-08 | CVE-2008-4488 | Cross-Site Scripting vulnerability in Atarone 1.2.0 Cross-site scripting (XSS) vulnerability in ap-pages.php in Atarone CMS 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the (1) name and (2) id parameters. | 4.3 |
2008-10-08 | CVE-2008-4487 | SQL Injection vulnerability in Atarone 1.2.0 SQL injection vulnerability in ap-save.php in Atarone CMS 1.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) site_name, (2) email, (3) theme_chosen, (4) hp, (5) c_meta, (6) id, and (7) c_js parameters. | 6.8 |