Vulnerabilities > Phpskelsite
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-02-16 | CVE-2009-0596 | Path Traversal vulnerability in PHPskelsite 1.4 Directory traversal vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the TplSuffix parameter. | 6.8 |
2009-02-16 | CVE-2009-0595 | Code Injection vulnerability in PHPskelsite 1.4 PHP remote file inclusion vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the theme parameter. | 5.1 |