Vulnerabilities > Blueriver > Sava CMS
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-09-29 | CVE-2010-3468 | Path Traversal vulnerability in Blueriver Mura CMS and Sava CMS Directory traversal vulnerability in fileManager.cfc in Mura CMS 5.1 before 5.1.498 and 5.2 before 5.2.2809, and Sava CMS 5 through 5.2, allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2009-03-06 | CVE-2008-6434 | SQL Injection vulnerability in Blueriver Sava CMS SQL injection vulnerability in index.cfm in Blue River Interactive Group Sava CMS before 5.0.122 allows remote attackers to execute arbitrary SQL commands via the LinkServID parameter. | 7.5 |
| 2009-03-06 | CVE-2008-6433 | Cross-Site Scripting vulnerability in Blueriver Sava CMS Cross-site scripting (XSS) vulnerability in index.cfm in Blue River Interactive Group Sava CMS before 5.0.122 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in a search action. | 4.3 |