Vulnerabilities > Ttcms

DATE CVE VULNERABILITY TITLE RISK
2007-03-27 CVE-2007-1708 Remote File Include vulnerability in TTCMS EZ_SQL.PHP
PHP remote file inclusion vulnerability in lib/db/ez_sql.php in ttCMS 4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the lib_path parameter.
network
low complexity
ttcms
7.5
2003-12-31 CVE-2003-1459 Code Injection vulnerability in Ttcms and Ttforum
Multiple PHP remote file inclusion vulnerabilities in ttCMS 2.2 and ttForum allow remote attackers to execute arbitrary PHP code via the (1) template parameter in News.php or (2) installdir parameter in install.php.
network
ttcms CWE-94
6.8
2003-12-31 CVE-2003-1458 SQL Injection vulnerability in Ttcms and Ttforum
SQL injection vulnerability in Profile.php in ttCMS 2.2 and ttForum allows remote attackers to execute arbitrary SQL commands via the member name.
network
low complexity
ttcms CWE-89
7.5
2003-06-09 CVE-2003-0331 SQL-Injection vulnerability in Ttcms Ttforum 4
SQL injection vulnerability in ttForum allows remote attackers to execute arbitrary SQL and gain ttForum Administrator privileges via the Ignorelist-Textfield argument in the Preferences page.
network
low complexity
ttcms
critical
10.0