Artmedic Webdesign Artmedic Newsletter vulnerabilities
2 known vulnerabilities affecting artmedic_webdesign/artmedic_newsletter.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2006-2608P3MEDIUMCVSS 5.1PoCv4.12006-05-26
CVE-2006-2608 [MEDIUM] CVE-2006-2608: artmedic newsletter 4.1 and possibly other versions, when register_globals is enabled, allows remote
artmedic newsletter 4.1 and possibly other versions, when register_globals is enabled, allows remote attackers to modify arbitrary files and execute arbitrary PHP code via the logfile parameter in a direct request to log.php, which causes the $logfile variable to be redefined to an attacker-controlled value, as demonstrated by injecting PHP code into info.php
nvd
CVE-2006-2609P4MEDIUMCVSS 5.1v4.1.22006-05-26
CVE-2006-2609 [MEDIUM] CVE-2006-2609: artmedic newsletter 4.1.2 and possibly other versions, when register_globals is enabled, allows remo
artmedic newsletter 4.1.2 and possibly other versions, when register_globals is enabled, allows remote attackers to modify arbitrary files and execute arbitrary PHP code via the email parameter to newsletter_log.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
nvd