Vulnerabilities > Dustincowell
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-11-26 | CVE-2010-4311 | Cryptographic Issues vulnerability in Dustincowell Free Simple Software 1.0 Free Simple Software 1.0 stores passwords in cleartext, which allows context-dependent attackers to obtain sensitive information. | 5.0 |
2010-11-26 | CVE-2010-4298 | SQL Injection vulnerability in Dustincowell Free Simple Software 1.0 SQL injection vulnerability in the download module in Free Simple Software 1.0 allows remote attackers to execute arbitrary SQL commands via the downloads_id parameter in a download_now action to index.php. | 7.5 |
2010-10-05 | CVE-2010-3742 | Code Injection vulnerability in Dustincowell Free Simple CMS 1.0 Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) meta or (2) phpincdir parameter, a different issue than CVE-2010-3307. | 7.5 |
2010-10-05 | CVE-2010-3307 | Code Injection vulnerability in Dustincowell Free Simple CMS 1.0 Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) body, (2) footer, (3) header, (4) menu_left, or (5) menu_right parameter. | 7.5 |