60Cyclecms Project 60Cyclecms vulnerabilities
2 known vulnerabilities affecting 60cyclecms_project/60cyclecms.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2010-1951P3MEDIUMCVSS 6.8PoCv2.5.22010-05-19
CVE-2010-1951 [MEDIUM] CWE-22 CVE-2010-1951: Multiple directory traversal vulnerabilities in 60cycleCMS allow remote attackers to include and exe
Multiple directory traversal vulnerabilities in 60cycleCMS allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the DOCUMENT_ROOT parameter to (1) news.php, (2) submitComment.php, and (3) sqlConnect.php.
nvd
CVE-2011-3696P4MEDIUMCVSS 5.0v2.5.22011-09-23
CVE-2011-3696 [MEDIUM] CWE-200 CVE-2011-3696: 60cycleCMS 2.5.2 allows remote attackers to obtain sensitive information via a direct request to a .
60cycleCMS 2.5.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by post.php and certain other files.
nvd