Vulnerabilities > Integramod
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-09-23 | CVE-2008-4183 | Information Exposure vulnerability in Integramod 1.4 IntegraMOD 1.4.x stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a backup via a direct request to a backup/backup-yyyy-dd-mm.sql filename. | 5.0 |
| 2007-09-28 | CVE-2007-5140 | Code Injection vulnerability in Integramod Nederland 1.4.2 PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in IntegraMOD Nederland 1.4.2 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 6.8 |
| 2006-08-26 | CVE-2006-4369 | Remote File Include vulnerability in Integramod Portal 2.0 Absolute path traversal vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via an absolute pathname in the phpbb_root_path parameter. | 2.6 |
| 2006-08-26 | CVE-2006-4368 | Remote File Include vulnerability in Integramod Portal 2.0 PHP remote file inclusion vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 7.5 |
| 2006-06-13 | CVE-2006-2985 | SQL-Injection vulnerability in Integramod SQL injection vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to execute arbitrary SQL commands via double-encoded "'" characters in the STYLE_URL parameter. | 7.5 |
| 2006-06-13 | CVE-2006-2984 | Cross-Site Scripting vulnerability in Integramod 1.4.0 Cross-site scripting (XSS) vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the STYLE_URL parameter. network integramod | 4.3 |