Boka Siteengine vulnerabilities
4 known vulnerabilities affecting boka/siteengine.
Total CVEs
4
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2010-4357P3HIGHCVSS 7.5PoCv7.12010-12-01
CVE-2010-4357 [HIGH] CWE-89 CVE-2010-4357: SQL injection vulnerability in comments.php in SiteEngine 7.1 allows remote attackers to execute arb
SQL injection vulnerability in comments.php in SiteEngine 7.1 allows remote attackers to execute arbitrary SQL commands via the module parameter.
nvd
CVE-2008-7267P3HIGHCVSS 7.5PoCv5.02010-12-01
CVE-2008-7267 [HIGH] CWE-89 CVE-2008-7267: SQL injection vulnerability in announcements.php in SiteEngine 5.x allows remote attackers to execut
SQL injection vulnerability in announcements.php in SiteEngine 5.x allows remote attackers to execute arbitrary SQL commands via the id parameter.
nvd
CVE-2008-7269P4MEDIUMCVSS 5.8PoCv5.02010-12-01
CVE-2008-7269 [MEDIUM] CWE-20 CVE-2008-7269: Open redirect vulnerability in api.php in SiteEngine 5.x allows user-assisted remote attackers to re
Open redirect vulnerability in api.php in SiteEngine 5.x allows user-assisted remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the forward parameter in a logout action.
nvd
CVE-2008-7268P4MEDIUMCVSS 5.0v5.02010-12-01
CVE-2008-7268 [MEDIUM] CWE-200 CVE-2008-7268: The phpinfo function in SiteEngine 5.x allows remote attackers to obtain system information by setti
The phpinfo function in SiteEngine 5.x allows remote attackers to obtain system information by setting the action parameter to php_info in misc.php.
nvd