Benjacms Benja Cms vulnerabilities
3 known vulnerabilities affecting benjacms/benja_cms.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2008-2988P3HIGHCVSS 7.5v0.12008-07-02
CVE-2008-2988 [HIGH] CWE-20 CVE-2008-2988: Unrestricted file upload vulnerability in admin/upload.php in Benja CMS 0.1 allows remote attackers
Unrestricted file upload vulnerability in admin/upload.php in Benja CMS 0.1 allows remote attackers to upload and execute arbitrary PHP files via unspecified vectors, followed by a direct request to the file in billeder/.
nvd
CVE-2008-2879P3MEDIUMCVSS 6.4v0.12008-06-26
CVE-2008-2879 [MEDIUM] CWE-287 CVE-2008-2879: Benja CMS 0.1 does not require authentication for access to admin/, which allows remote attackers to
Benja CMS 0.1 does not require authentication for access to admin/, which allows remote attackers to add or delete a menu.
nvd
CVE-2008-2987P4MEDIUMCVSS 4.3PoCv0.12008-07-02
CVE-2008-2987 [MEDIUM] CWE-79 CVE-2008-2987: Multiple cross-site scripting (XSS) vulnerabilities in Benja CMS 0.1 allow remote attackers to injec
Multiple cross-site scripting (XSS) vulnerabilities in Benja CMS 0.1 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) admin_edit_submenu.php, (2) admin_new_submenu.php, and (3) admin_edit_topmenu.php in admin/.
nvd