Vulnerabilities > Paristemi
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-12-26 | CVE-2006-6739 | Code Injection vulnerability in Paristemi 0.8.3 PHP remote file inclusion vulnerability in buycd.php in Paristemi 0.8.3 allows remote attackers to execute arbitrary PHP code via a URL in the HTTP_DOCUMENT_ROOT parameter, a different vector than CVE-2006-6689. | 7.5 |
2006-12-21 | CVE-2006-6689 | Code Injection vulnerability in Paristemi Multiple PHP remote file inclusion vulnerabilities in Paristemi 0.8.3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the SERVER_DIRECTORY parameter to unspecified scripts, a different vector than CVE-2006-6739. | 7.5 |