Vulnerabilities > Cromosoft > Simple Plantilla PHP
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-03-02 | CVE-2007-1139 | Code Injection vulnerability in Cromosoft Simple Plantilla PHP Unrestricted file upload vulnerability in Cromosoft Simple Plantilla PHP (SPP) allows remote attackers to upload arbitrary scripts via a filename with a double extension. | 10.0 |
2007-03-02 | CVE-2007-1138 | Path Traversal vulnerability in Cromosoft Simple Plantilla PHP Absolute path traversal vulnerability in list_main_pages.php in Cromosoft Simple Plantilla PHP (SPP) allows remote attackers to list arbitrary directories, and read arbitrary files, via an absolute pathname in the nfolder parameter. | 5.0 |