Vulnerabilities > Cutesite
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-11-02 | CVE-2010-5025 | Cross-Site Scripting vulnerability in Cutesite CMS 1.2.3/1.5.0 Cross-site scripting (XSS) vulnerability in manage/main.php in CuteSITE CMS 1.2.3 and 1.5.0 allows remote attackers to inject arbitrary web script or HTML via the fld_path parameter. | 4.3 |
2011-11-02 | CVE-2010-5024 | SQL Injection vulnerability in Cutesite CMS 1.2.3/1.5.0 SQL injection vulnerability in manage/add_user.php in CuteSITE CMS 1.2.3 and 1.5.0 allows remote authenticated users, with Read privileges, to execute arbitrary SQL commands via the user_id parameter. | 6.0 |