Vulnerabilities > Fipsasp > Fipscms
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-08-20 | CVE-2008-3722 | SQL Injection vulnerability in Fipsasp Fipscms 2.1 SQL injection vulnerability in forum/neu.asp in fipsCMS 2.1 allows remote attackers to execute arbitrary SQL commands via the kat parameter. | 7.5 |
| 2008-05-09 | CVE-2008-2124 | SQL Injection vulnerability in Fipsasp Fipscms 2.1 SQL injection vulnerability in modules/print.asp in fipsASP fipsCMS allows remote attackers to execute arbitrary SQL commands via the lg parameter. | 7.5 |
| 2007-05-09 | CVE-2007-2561 | SQL Injection vulnerability in Fipsasp Fipscms 2.1 SQL injection vulnerability in index.asp in fipsCMS 2.1 allows remote attackers to execute arbitrary SQL commands via the pid parameter, a different vector than CVE-2006-6115. | 7.5 |
| 2006-11-26 | CVE-2006-6115 | SQL Injection vulnerability in FipsCMS Index.ASP SQL injection vulnerability in index.asp in fipsCMS 4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the fid parameter. | 7.5 |
| 2006-06-15 | CVE-2006-3031 | Cross-Site Scripting vulnerability in fipsCMS Multiple cross-site scripting (XSS) vulnerabilities in index.asp in fipsCMS 4.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) w, (2) phcat, (3) dayid, and (4) calw parameters. network fipsasp | 4.3 |