Vulnerabilities > Questwork
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-10-28 | CVE-2008-4774 | Cross-Site Scripting vulnerability in Questwork Questcms Cross-site scripting (XSS) vulnerability in main/main.php in QuestCMS allows remote attackers to inject arbitrary web script or HTML via the cx parameter. | 4.3 |
2008-10-28 | CVE-2008-4773 | Path Traversal vulnerability in Questwork Questcms Directory traversal vulnerability in main/main.php in QuestCMS allows remote attackers to read arbitrary local files via a .. | 5.0 |
2008-10-28 | CVE-2008-4772 | SQL Injection vulnerability in Questwork Questcms SQL injection vulnerability in main/main.php in QuestCMS allows remote attackers to execute arbitrary SQL commands via the obj parameter. | 7.5 |