Vulnerabilities > Esyndicat

DATE CVE VULNERABILITY TITLE RISK
2012-09-20 CVE-2011-5177 Cross-Site Scripting vulnerability in Esyndicat PRO 2.3.05
Multiple cross-site scripting (XSS) vulnerabilities in admin/controller.php in eSyndiCat Pro 2.3.05 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to the admins (2) blocks, (3) articles, or (4) suggest-category; or (5) sort parameter to the search page.
network
esyndicat CWE-79
4.3
2008-07-25 CVE-2008-3299 Improper Authentication vulnerability in Esyndicat 1.6
eSyndiCat 1.6 allows remote attackers to bypass authentication and gain administrative access by setting the admin_lng cookie value to 1.
network
low complexity
esyndicat CWE-287
7.5
2007-12-28 CVE-2007-6543 SQL Injection vulnerability in Esyndicat Link Exchange
SQL injection vulnerability in suggest-link.php in eSyndiCat Link Exchange Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
network
low complexity
esyndicat CWE-89
7.5
2007-07-17 CVE-2007-3811 SQL Injection vulnerability in Esyndicat Directory 1.6
Multiple SQL injection vulnerabilities in eSyndiCat allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to news.php or (2) the name parameter to page.php.
network
low complexity
esyndicat
7.5
2007-05-21 CVE-2007-2785 Remote Security vulnerability in Esyndicat PRO 1.X
manage-admins.php in eSyndiCat Pro 1.x allows remote attackers to create additional administrative accounts, and have other unspecified impact, via modified username, new_pass, new_pass2, status, super, and certain other parameters in an add action.
network
esyndicat
6.8
2006-05-24 CVE-2006-2578 Remote Security vulnerability in Esyndicat Directory 1.2
admin/cron.php in eSyndicat Directory 1.2, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include arbitrary files and possibly execute arbitrary PHP code via a null-terminated value in the path_to_config parameter.
network
high complexity
esyndicat
5.1