Vulnerabilities > Goople CMS > Goople CMS > 1.7
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-02-11 | CVE-2008-6119 | Improper Input Validation vulnerability in Goople CMS Goople CMS 1.7 Static code injection vulnerability in gooplecms/admin/account/action/editpass.php in Goople CMS 1.7 allows remote attackers to inject arbitrary PHP code into admin/userandpass.php via the (1) username and (2) password parameters. | 7.5 |
2009-02-11 | CVE-2008-6118 | Improper Authentication vulnerability in Goople CMS Goople CMS 1.7 win/content/upload.php in Goople CMS 1.7 allows remote attackers to bypass authentication and gain administrative access by setting the loggedin cookie to 1. | 7.5 |