Vulnerabilities > CWH Underground
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-07-15 | CVE-2008-3180 | Cross-Site Scripting vulnerability in CWH Underground Contentnow CMS 1.4.1 Multiple cross-site scripting (XSS) vulnerabilities in upload/file/language_menu.php in ContentNow CMS 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) pageid parameter or (2) PATH_INFO. | 4.3 |
2008-07-02 | CVE-2008-2983 | SQL Injection vulnerability in CWH Underground Demo4 CMS 01 SQL injection vulnerability in index.php in Demo4 CMS 01 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |