Vulnerabilities > Openengine > Openengine > 1.7.1

DATE CVE VULNERABILITY TITLE RISK
2008-09-30 CVE-2008-4329 Improper Input Validation vulnerability in Openengine
PHP remote file inclusion vulnerability in cms/system/openengine.php in openEngine 2.0 beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the oe_classpath parameter.
network
low complexity
openengine CWE-20
critical
 10.0
10
2006-05-10 CVE-2006-2280 Unspecified vulnerability in Openengine 1.7.1/1.8Beta2
Directory traversal vulnerability in website.php in openEngine 1.8 Beta 2 and earlier allows remote attackers to list arbitrary directories and read arbitrary files via a ..
network
low complexity
openengine
5.0
5.0