Vulnerabilities > Pehepe

DATE CVE VULNERABILITY TITLE RISK
2006-03-07 CVE-2006-1022 Remote PHP Script Code Injection vulnerability in Pehepe Membership Management System 3.0
PHP remote file include vulnerability in sol_menu.php in PeHePe Uyelik Sistemi (aka PeHePe MemberShip Management System) 3 allows remote attackers to include and execute arbitrary PHP code via a URL in the uye_klasor parameter, along with a misafir[] parameter that is set to UYE_SEVIYE.
network
low complexity
pehepe
5.0
2006-03-07 CVE-2006-1021 Cross-Site Scripting vulnerability in Pehepe Membership Management System and Uyelik Sistemi
Cross-site scripting (XSS) vulnerability in sol_menu.php in PeHePe Uyelik Sistemi (aka PeHePe MemberShip Management System) 3 allows remote attackers to inject arbitrary web script or HTML via the kuladi parameter ($kul_adi variable).
network
pehepe
4.3