Vulnerabilities > Crux Software

DATE CVE VULNERABILITY TITLE RISK
2008-10-08 CVE-2008-4484 Permissions, Privileges, and Access Controls vulnerability in Crux Software Gallery
main.php in Crux Gallery 1.32 and earlier allows remote attackers to gain administrative access by setting the name parameter to "users," as demonstrated via index.php.
6.8
2008-10-08 CVE-2008-4483 Path Traversal vulnerability in Crux Software Gallery
Directory traversal vulnerability in index.php in Crux Gallery 1.32 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a ..
6.8
2008-02-12 CVE-2008-0700 Cross-Site Scripting vulnerability in Crux Software Cruxcms 3.0
Cross-site scripting (XSS) vulnerability in search.php in Crux Software CruxCMS 3.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter.
4.3