Vulnerabilities > Itcms > Itcms
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-05-14 | CVE-2008-2192 | Code Injection vulnerability in Itcms 1.9 Static code injection vulnerability in box/minichat/boxpop.php in IT!CMS (aka itcms) 1.9 allows remote attackers to inject arbitrary PHP code into box/MiniChat/data/shouts.php via the shout parameter. | 10.0 |
2007-07-31 | CVE-2007-4115 | Cross-Site Scripting vulnerability in Itcms 0.2 Multiple cross-site scripting (XSS) vulnerabilities in IT!CMS (itcms) 0.2 allow remote attackers to inject arbitrary web script or HTML via the wndtitle parameter to (1) lang-en.php, (2) menu-ed.php, or (3) titletext-ed.php. network itcms | 4.3 |