Vulnerabilities > Crux Software
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-10-08 | CVE-2008-4484 | Permissions, Privileges, and Access Controls vulnerability in Crux Software Gallery main.php in Crux Gallery 1.32 and earlier allows remote attackers to gain administrative access by setting the name parameter to "users," as demonstrated via index.php. | 6.8 |
2008-10-08 | CVE-2008-4483 | Path Traversal vulnerability in Crux Software Gallery Directory traversal vulnerability in index.php in Crux Gallery 1.32 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2008-02-12 | CVE-2008-0700 | Cross-Site Scripting vulnerability in Crux Software Cruxcms 3.0 Cross-site scripting (XSS) vulnerability in search.php in Crux Software CruxCMS 3.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter. | 4.3 |