Vulnerabilities > Focus SIS
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-09-18 | CVE-2007-4942 | Code Injection vulnerability in Focus-Sis Focus SIS 1.0 PHP remote file inclusion vulnerability in modules/Discipline/StudentFieldBreakdown.php in Focus/SIS 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the FocusPath parameter, a different vector than CVE-2007-4806. | 7.5 |
2007-09-11 | CVE-2007-4807 | Code Injection vulnerability in Focus SIS Focus SIS 1.0/2.2 Multiple PHP remote file inclusion vulnerabilities in Focus/SIS 2.2 allow remote attackers to execute arbitrary PHP code via a URL in the staticpath parameter to (1) modules/Discipline/CategoryBreakdownTime.php or (2) modules/Discipline/StudentFieldBreakdown.php. | 7.5 |
2007-09-11 | CVE-2007-4806 | Code Injection vulnerability in Focus SIS Focus SIS 1.0/2.2 PHP remote file inclusion vulnerability in modules/Discipline/CategoryBreakdownTime.php in Focus/SIS 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the FocusPath parameter. | 7.5 |