4Site Cms vulnerabilities
2 known vulnerabilities affecting 4site/4site_cms.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2009-0646P3HIGHCVSS 7.5PoC≤ 2.62009-02-18
CVE-2009-0646 [HIGH] CWE-89 CVE-2009-0646: Multiple SQL injection vulnerabilities in 4Site CMS 2.6 and earlier allow remote attackers to execut
Multiple SQL injection vulnerabilities in 4Site CMS 2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) login and (2) password parameters to pcgi/4site.pl, (3) page parameter to print/print.shtml, (4) s and (5) i parameters to portfolio/index.shtml, (6) h parameter to hotel/index.php, (7) id parameter to news/news1.shtml,
nvd
CVE-2010-4152P3HIGHCVSS 7.5PoC≤ 2.6v2.0+1 more2010-11-03
CVE-2010-4152 [HIGH] CVE-2010-4152: SQL injection vulnerability in catalog/index.shtml in 4site CMS 2.6, and possibly earlier, allows re
SQL injection vulnerability in catalog/index.shtml in 4site CMS 2.6, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the i and th vectors are already covered by CVE-2009-0646.
nvd