Vulnerabilities > Freereprintables > Articlefr > 3.0.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-02-13 | CVE-2014-4170 | Improper Privilege Management vulnerability in Freereprintables Articlefr 3.0.4 A Privilege Escalation Vulnerability exists in Free Reprintables ArticleFR 11.06.2014 due to insufficient access restrictions in the data.php script, which could let a remote malicious user obtain access or modify or delete database information. | 7.5 |
2020-01-15 | CVE-2015-6591 | Path Traversal vulnerability in Freereprintables Articlefr 3.0.4/3.0.6/3.0.7 Directory traversal vulnerability in application/templates/amelia/loadjs.php in Free Reprintables ArticleFR 3.0.7 and earlier allows local users to read arbitrary files via the s parameter. | 2.1 |
2014-08-22 | CVE-2014-5097 | SQL Injection vulnerability in Freereprintables Articlefr 3.0.4 Multiple SQL injection vulnerabilities in Free Reprintables ArticleFR 3.0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) get or (2) set action to rate.php. | 7.5 |