Vulnerabilities > Zanfi Solutions > Zanfi CMS Lite
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-09-22 | CVE-2008-4159 | SQL Injection vulnerability in Zanfi Solutions JAW Portal and Zanfi CMS Lite SQL injection vulnerability in index.php in Jaw Portal and Zanfi CMS lite and allows remote attackers to execute arbitrary SQL commands via the page (pageid) parameter. | 7.5 |
2008-09-22 | CVE-2008-4158 | Path Traversal vulnerability in Zanfi Solutions Zanfi CMS Lite 1.2 Multiple directory traversal vulnerabilities in index.php in Zanfi CMS lite 1.2 allow remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2004-12-31 | CVE-2004-2196 | Remote Security vulnerability in Zanfi Solutions Zanfi CMS Lite 1.1 Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and others. | 5.0 |
2004-12-31 | CVE-2004-2195 | Remote File Include vulnerability in Zanfi Solutions Zanfi CMS Lite 1.1 PHP remote file inclusion vulnerability in index.php in Zanfi CMS lite 1.1 allows remote attackers to execute arbitrary PHP code via the inc parameter. | 5.0 |