Vulnerabilities > Goople CMS

DATE CVE VULNERABILITY TITLE RISK
2009-02-11 CVE-2008-6119 Improper Input Validation vulnerability in Goople CMS Goople CMS 1.7
Static code injection vulnerability in gooplecms/admin/account/action/editpass.php in Goople CMS 1.7 allows remote attackers to inject arbitrary PHP code into admin/userandpass.php via the (1) username and (2) password parameters.
network
low complexity
goople-cms CWE-20
7.5
2009-02-11 CVE-2008-6118 Improper Authentication vulnerability in Goople CMS Goople CMS 1.7
win/content/upload.php in Goople CMS 1.7 allows remote attackers to bypass authentication and gain administrative access by setting the loggedin cookie to 1.
network
low complexity
goople-cms CWE-287
7.5
2009-01-15 CVE-2009-0121 SQL Injection vulnerability in Goople CMS Goople CMS 1.8.2
SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 allows remote attackers to execute arbitrary SQL commands via the password parameter.
network
low complexity
goople-cms CWE-89
7.5
2009-01-09 CVE-2009-0111 SQL Injection vulnerability in Goople CMS Goople CMS
SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.
network
low complexity
goople-cms CWE-89
7.5