2500Mhz Worksimple vulnerabilities
2 known vulnerabilities affecting 2500mhz/worksimple.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2008-5764P3CRITICALCVSS 9.3PoCv1.2.12008-12-30
CVE-2008-5764 [CRITICAL] CWE-94 CVE-2008-5764: PHP remote file inclusion vulnerability in calendar.php in WorkSimple 1.2.1, when register_globals i
PHP remote file inclusion vulnerability in calendar.php in WorkSimple 1.2.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter.
nvd
CVE-2008-5765P3MEDIUMCVSS 5.0PoCv1.2.12008-12-30
CVE-2008-5765 [MEDIUM] CWE-264 CVE-2008-5765: WorkSimple 1.2.1 stores sensitive information under the web root with insufficient access control, w
WorkSimple 1.2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing usernames and passwords via a direct request for data/usr.txt.
nvd