Vulnerabilities > Scottmanktelow

DATE CVE VULNERABILITY TITLE RISK
2007-10-12 CVE-2007-5432 Information Exposure vulnerability in Scottmanktelow Stride CMS 1.0
Stride 1.0 has a default administrator username of "scott" with the password "running", which allows remote attackers to obtain administrative access through login.php.
network
low complexity
scottmanktelow CWE-200
7.5
2007-10-12 CVE-2007-5431 Information Exposure vulnerability in multiple products
include/imageupload.js in the MyFTPUploader module in Stride 1.0 contains sensitive information including FTP login credentials, which might allow remote attackers to gain unauthorized access to the FTP server being used by the module by viewing the source code.
network
low complexity
javaatwork scottmanktelow CWE-200
7.8
2007-10-12 CVE-2007-5430 SQL Injection vulnerability in Scottmanktelow Stride CMS 1.0
Multiple SQL injection vulnerabilities in Stride 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the p parameter to main.php in the Content Management System, (2) the id parameter in a sto cmd action to shop.php in the Merchant subsystem, or the (3) course or (4) provider parameter to detail.php in the Courses subsystem.
network
low complexity
scottmanktelow CWE-89
7.5