Vulnerabilities > Icms Content Management Systems

DATE CVE VULNERABILITY TITLE RISK
2005-12-20 CVE-2005-4397 SQL-Injection vulnerability in Icms
SQL injection vulnerability in RunScript.asp iCMS allows remote attackers to execute arbitrary SQL commands via the Event_ID parameter.
network
low complexity
icms-content-management-systems
7.5
2005-12-20 CVE-2005-4396 Cross-Site Scripting vulnerability in Icms
Cross-site scripting (XSS) vulnerability in admin/Default.asp in iCMS allows remote attackers to inject arbitrary web script or HTML via the LoginMSG parameter.
4.3
2005-11-16 CVE-2005-3574 Remote Security vulnerability in Icms
PHP file inclusion vulnerability in index.php of iCMS allows remote attackers to include arbitrary files via the page parameter.
network
low complexity
icms-content-management-systems
5.0