Vulnerabilities > Quirm
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-01-29 | CVE-2009-0340 | Path Traversal vulnerability in Quirm Simple PHP Newsletter 1.5 Multiple directory traversal vulnerabilities in Simple PHP Newsletter 1.5 allow remote attackers to read arbitrary files via a .. | 6.8 |
| 2009-01-29 | CVE-2009-0331 | Path Traversal vulnerability in Quirm Espg 1.72 Directory traversal vulnerability in gallery/comment.php in Enhanced Simple PHP Gallery (ESPG) 1.72 allows remote attackers to read arbitrary files via a .. | 7.8 |
| 2007-10-30 | CVE-2007-4863 | SQL Injection vulnerability in Quirm Saxon 5.4 SQL injection vulnerability in example.php in SAXON 5.4 allows remote attackers to execute arbitrary SQL commands via the template parameter. | 6.8 |
| 2007-10-30 | CVE-2007-4862 | Cross-Site Scripting vulnerability in Quirm Saxon 5.4 Cross-site scripting (XSS) vulnerability in admin/menu.php in SAXON 5.4 allows remote attackers to inject arbitrary web script or HTML via the config[news_url] parameter. | 4.3 |
| 2007-10-30 | CVE-2007-4861 | Information Exposure vulnerability in Quirm Saxon 5.4 SAXON 5.4, with display_errors enabled, allows remote attackers to obtain sensitive information via (1) a direct request for news.php, (2) an invalid use of a newsid array parameter to admin/edit-item.php, and possibly unspecified vectors related to additional scripts in (3) admin/, (4) rss/, and (5) the root directory of the installation, which reveal the path in various error messages. | 5.0 |