Vulnerabilities > Vigilecms
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-11-22 | CVE-2007-6087 | Cross-Site Request Forgery (CSRF) vulnerability in Vigilecms 1.4 Cross-site request forgery (CSRF) vulnerability in index.php in VigileCMS 1.4 allows remote attackers to change the admin password via certain parameters to the changepass module. | 6.8 |
2007-11-22 | CVE-2007-6086 | Path Traversal vulnerability in Vigilecms 1.4 Directory traversal vulnerability in index.php in VigileCMS 1.4 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the module parameter. | 9.3 |
2007-11-22 | CVE-2007-6085 | Cross-Site Scripting vulnerability in Vigilecms 1.4 Multiple cross-site scripting (XSS) vulnerabilities in index.php in VigileCMS 1.4 allow remote attackers to inject arbitrary web script or HTML via the message field in the (1) vedipm or (2) live_chat module. | 4.3 |