Vulnerabilities > Tribiq

DATE	CVE	VULNERABILITY TITLE	RISK
2014-12-30	CVE-2011-2727	Information Exposure vulnerability in Tribiq CMS The (1) templatewrap/templatefoot.php, (2) cmsjs/plugin.js.php, and (3) cmsincludes/cms_plugin_api_link.inc.php scripts in Tribal Tribiq CMS before 5.2.7c allow remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message. network tribiq CWE-200	4.3
2012-10-08	CVE-2012-5312	SQL Injection vulnerability in Tribiq CMS SQL injection vulnerability in Tribiq CMS allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. network low complexity tribiq CWE-89	7.5
2009-06-26	CVE-2009-2220	Path Traversal vulnerability in Tribiq CMS 5.0.12C Multiple directory traversal vulnerabilities in Tribiq CMS 5.0.12c, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote attackers to include and possibly execute arbitrary files via directory traversal sequences in the template_path parameter to (1) masthead.inc.php, (2) toppanel.inc.php, and (3) contact.inc.php in templates/mytribiqsite/tribiq-CL-9000/includes; and the use_template_family parameter to (4) templates/mytribiqsite/tribiq-CL-9000/includes/nlarlist_content.inc.php. network high complexity tribiq CWE-22	5.1
2009-01-23	CVE-2008-5961	Cross-Site Scripting vulnerability in Tribiq CMS 5.0.10B/5.0.11E Cross-site scripting (XSS) vulnerability in index.php in Tribiq CMS Community 5.0.10B and 5.0.11E allows remote attackers to inject arbitrary web script or HTML via the cID parameter in a document action. network tribiq CWE-79	4.3
2009-01-23	CVE-2008-5960	SQL Injection vulnerability in Tribiq CMS 5.0.10B/5.0.11E SQL injection vulnerability in index.php in Tribiq CMS Community 5.0.10B and 5.0.11E allows remote attackers to execute arbitrary SQL commands via the cID parameter in a document action. network low complexity tribiq CWE-89	7.5
2008-11-04	CVE-2008-4894	Path Traversal vulnerability in Tribiq CMS 5.0.10A Directory traversal vulnerability in templates/mytribiqsite/tribal-GPL-1066/includes/header.inc.php in Tribiq CMS 5.0.10a, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the template_path parameter. network high complexity tribiq CWE-22	5.1
2008-11-04	CVE-2008-4893	Cross-Site Scripting vulnerability in Tribiq CMS 5.0.10A Cross-site scripting (XSS) vulnerability in templates/mytribiqsite/tribal-GPL-1066/includes/header.inc.php in Tribiq CMS 5.0.10a, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the template_path parameter. network high complexity tribiq CWE-79	2.6

Vulnerabilities > Tribiq {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Tribiq"}]}

Vulnerabilities > Tribiq