Aprox Aproxengine vulnerabilities
2 known vulnerabilities affecting aprox/aproxengine.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2008-3291P3HIGHCVSS 7.5PoCv5.1.0.42008-07-24
CVE-2008-3291 [HIGH] CWE-89 CVE-2008-3291: SQL injection vulnerability in index.php in AproxEngine (aka Aprox CMS Engine) 5.1.0.4 allows remote
SQL injection vulnerability in index.php in AproxEngine (aka Aprox CMS Engine) 5.1.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.
nvd
CVE-2008-2895P3HIGHCVSS 7.5PoCv5.1.0.42008-06-27
CVE-2008-2895 [HIGH] CWE-22 CVE-2008-2895: Directory traversal vulnerability in index.php in AproxEngine 5.1.0.4 allows remote attackers to inc
Directory traversal vulnerability in index.php in AproxEngine 5.1.0.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
nvd