Vulnerabilities > Extreme CMS
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-11-20 | CVE-2006-5986 | Cross-Site Scripting vulnerability in Extreme CMS admin/options.php in Extreme CMS 0.9, and possibly earlier, does not require authentication, which might allow remote attackers to conduct unauthorized activities. network extreme-cms | 6.8 |
2006-11-20 | CVE-2006-5985 | Cross-Site Scripting vulnerability in Extreme CMS Multiple cross-site scripting (XSS) vulnerabilities in admin/options.php in Extreme CMS 0.9, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) bg1, (2) bg2, (3) text, or (4) size parameters. network extreme-cms | 6.8 |