Vulnerabilities > Matteoiammarrone > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-03-23 | CVE-2010-4771 | SQL Injection vulnerability in Matteoiammarrone S-Cms 2.5 SQL injection vulnerability to viewforum.php in S-CMS 2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2009-05-01 | CVE-2009-1502 | Path Traversal vulnerability in Matteoiammarrone S-Cms 1.1/1.5.2 Directory traversal vulnerability in plugin.php in S-Cms 1.1 Stable and 1.5.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter. | 7.5 |
2009-03-10 | CVE-2009-0864 | Improper Authentication vulnerability in Matteoiammarrone S-Cms 1.1 S-Cms 1.1 Stable allows remote attackers to bypass authentication and obtain administrative access via an OK value for the login cookie. | 7.5 |
2009-03-10 | CVE-2009-0863 | SQL Injection vulnerability in Matteoiammarrone S-Cms 1.1 SQL injection vulnerability in admin/delete_page.php in S-Cms 1.1 Stable allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |