Vulnerabilities > Tilde

DATE	CVE	VULNERABILITY TITLE	RISK
2007-11-29	CVE-2007-6161	Information Exposure vulnerability in Tilde CMS index.php in Tilde CMS 4.x and earlier allows remote attackers to obtain sensitive information via a certain search parameter value in a search action, which reveals the path. network low complexity tilde CWE-200	5.0
2007-11-29	CVE-2007-6160	Cross-Site Scripting vulnerability in Tilde CMS 4.0 Cross-site scripting (XSS) vulnerability in index.php in Tilde CMS 4.x and earlier allows remote attackers to inject arbitrary web script or HTML via the aarstal parameter in a yeardetail action. network tilde CWE-79	4.3
2007-11-29	CVE-2007-6159	SQL Injection vulnerability in Tilde CMS 4.0 SQL injection vulnerability in index.php in Tilde CMS 4.x and earlier allows remote attackers to execute arbitrary SQL commands via the aarstal parameter in a yeardetail action, a different vector than CVE-2006-1500. network low complexity tilde CWE-89	7.5
2006-03-30	CVE-2006-1500	SQL Injection vulnerability in Tilde CMS 3.0 SQL injection vulnerability in index.php in Tilde CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. network low complexity tilde CWE-89	7.5

Vulnerabilities > Tilde {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Tilde"}]}