Vulnerabilities > Siteman

DATE	CVE	VULNERABILITY TITLE	RISK
2008-09-30	CVE-2008-4365	Cross-Site Scripting vulnerability in Siteman 1.1.1/1.1.10/1.1.9 Cross-site scripting (XSS) vulnerability in search.php in Siteman 1.1.11 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors. network siteman CWE-79	4.3
2008-05-05	CVE-2008-2082	Cross-Site Scripting vulnerability in Siteman 2.0 Cross-site scripting (XSS) vulnerability in index.php in Siteman 2.0.x2 allows remote attackers to inject arbitrary web script or HTML via the module parameter, which leaks the path in an error message. network siteman CWE-79	4.3
2008-05-05	CVE-2008-2081	Path Traversal vulnerability in Siteman 2.0 Directory traversal vulnerability in index.php in Siteman 2.0.x2 allows remote authenticated administrators to include and execute arbitrary local files via a .. network low complexity siteman CWE-22 critical	9.0
2008-01-25	CVE-2008-0452	Path Traversal vulnerability in Siteman 1.1.9 Directory traversal vulnerability in articles.php in Siteman 1.1.9 allows remote attackers to read arbitrary files via directory traversal sequences in the cat parameter in a viewart action. network low complexity siteman CWE-22	5.0
2007-01-30	CVE-2007-0594	Information Disclosure vulnerability in Siteman 2.0.X2 Siteman 2.0.x2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing password hashes via a direct request for db/siteman/users.MYD. network low complexity siteman	5.0
2007-01-30	CVE-2007-0593	Information Disclosure vulnerability in Siteman 1.1.11 Siteman 1.1.11 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing password hashes via a direct request for data/members.txt. network low complexity siteman	5.0
2005-05-02	CVE-2005-0305	Privilege Escalation vulnerability in Siteman User Database CRLF injection vulnerability in users.php in Siteman 1.1.10 and earlier allows remote attackers to add arbitrary users and gain privileges via the line parameter in a docreate operation. network low complexity siteman	7.5

Vulnerabilities > Siteman {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Siteman"}]}

Vulnerabilities > Siteman