Vulnerabilities > Pacercms
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-01-25 | CVE-2008-0451 | SQL Injection vulnerability in Pacercms 0.6 Multiple SQL injection vulnerabilities in PacerCMS 0.6 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) siteadmin/article-edit.php; and unspecified parameters to (2) submitted-edit.php, (3) page-edit.php, (4) section-edit.php, (5) staff-edit.php, and (6) staff-access.php in siteadmin/. | 7.5 |
2008-01-23 | CVE-2008-0426 | Cross-Site Scripting vulnerability in Pacercms Multiple cross-site scripting (XSS) vulnerabilities in submit.php in PacerCMS before 0.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) headline, or (3) text field in a message. | 4.3 |
2007-09-24 | CVE-2007-5056 | Code Injection vulnerability in multiple products Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made Simple, SAPID CMF, Journalness, PacerCMS, and Open-Realty, allows remote attackers to execute arbitrary code via PHP sequences in the last_module parameter. | 6.8 |