Vulnerabilities > Giaard > Proman
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-06-02 | CVE-2010-2138 | Path Traversal vulnerability in Giaard Proman 0.1.0 Multiple directory traversal vulnerabilities in ProMan 0.1.1 and earlier allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the _SESSION[userLang] parameter to (1) elisttasks.php, (2) managepmanagers.php, (3) manageusers.php, (4) helpfunc.php, (5) managegroups.php, (6) manageprocess.php, and (7) manageusersgroups.php. | 6.8 |
2010-06-02 | CVE-2010-2137 | Code Injection vulnerability in Giaard Proman 0.1.0 PHP remote file inclusion vulnerability in _center.php in ProMan 0.1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. | 7.5 |