Vulnerabilities > Sitex

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-10-01 | CVE-2007-5156 | Incomplete blacklist vulnerability in editor/filemanager/upload/php/upload.php in FCKeditor, as used in SiteX CMS 0.7.3.beta, La-Nai CMS, Syntax CMS, Cardinal Cms, and probably other products, allows remote attackers to upload and execute arbitrary PHP code via a file whose name contains ".php." and has an unknown extension, which is recognized as a .php file by the Apache HTTP server, a different vulnerability than CVE-2006-0658 and CVE-2006-2529. | 6.8 |
| 2007-09-28 | CVE-2007-5141 | SQL Injection vulnerability in SiteX CMS 0.7.3 Beta. SQL injection vulnerability in search.php in SiteX CMS 0.7.3 Beta allows remote attackers to execute arbitrary SQL commands via the search parameter. Tags: network, sitex, CWE-89 | 6.8 |
| 2007-03-03 | CVE-2007-1236 | Information Disclosure vulnerability in SiteX. SiteX allows remote attackers to obtain sensitive information via a request with a numerical value for the (1) sxMonth[] or (2) sxYear[] parameter to calendar.php, or the (3) page[] parameter to calendar_events.php, which reveals the path in various error messages. Tags: network, low complexity, sitex | 6.4 |