Vulnerabilities > Goople CMS
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-02-11 | CVE-2008-6119 | Improper Input Validation vulnerability in Goople CMS Goople CMS 1.7 Static code injection vulnerability in gooplecms/admin/account/action/editpass.php in Goople CMS 1.7 allows remote attackers to inject arbitrary PHP code into admin/userandpass.php via the (1) username and (2) password parameters. | 7.5 |
2009-02-11 | CVE-2008-6118 | Improper Authentication vulnerability in Goople CMS Goople CMS 1.7 win/content/upload.php in Goople CMS 1.7 allows remote attackers to bypass authentication and gain administrative access by setting the loggedin cookie to 1. | 7.5 |
2009-01-15 | CVE-2009-0121 | SQL Injection vulnerability in Goople CMS Goople CMS 1.8.2 SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 allows remote attackers to execute arbitrary SQL commands via the password parameter. | 7.5 |
2009-01-09 | CVE-2009-0111 | SQL Injection vulnerability in Goople CMS Goople CMS SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |