Vulnerabilities > Freereprintables > Articlefr > 3.0.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-01-15 | CVE-2015-6591 | Path Traversal vulnerability in Freereprintables Articlefr 3.0.4/3.0.6/3.0.7 Directory traversal vulnerability in application/templates/amelia/loadjs.php in Free Reprintables ArticleFR 3.0.7 and earlier allows local users to read arbitrary files via the s parameter. | 2.1 |
2015-07-16 | CVE-2015-5530 | Cross-Site Request Forgery (CSRF) vulnerability in Freereprintables Articlefr 3.0.6 Multiple cross-site request forgery (CSRF) vulnerabilities in Free Reprintables ArticleFR 3.0.6 allow remote attackers to hijack the authentication of administrators for requests that add an administrator account via a request to dashboard/users/create/. | 6.8 |
2015-07-16 | CVE-2015-5529 | Cross-site Scripting vulnerability in Freereprintables Articlefr 3.0.6 Multiple cross-site scripting (XSS) vulnerabilities in Free Reprintables ArticleFR 3.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) name parameter to dashboard/settings/categories/, (2) title or (3) rel parameter to dashboard/settings/links/, or (4) url parameter to dashboard/tools/pingservers/. | 4.3 |