Bukulokomedia Lokomedia Cms vulnerabilities
3 known vulnerabilities affecting bukulokomedia/lokomedia_cms.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2010-2018P4MEDIUMCVSS 5.0PoCv1.4.1v2.02010-05-24
CVE-2010-2018 [MEDIUM] CWE-22 CVE-2010-2018: Directory traversal vulnerability in downlot.php in Lokomedia CMS 1.4.1 and 2.0 allows remote attack
Directory traversal vulnerability in downlot.php in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
nvd
CVE-2010-2019P4MEDIUMCVSS 6.8v1.4.12010-05-24
CVE-2010-2019 [MEDIUM] CWE-89 CVE-2010-2019: SQL injection vulnerability in downlot.php in Lokomedia CMS 1.4.1, when magic_quotes_gpc is disabled
SQL injection vulnerability in downlot.php in Lokomedia CMS 1.4.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
nvd
CVE-2010-2017P4MEDIUMCVSS 4.3v1.4.1v2.02010-05-24
CVE-2010-2017 [MEDIUM] CWE-79 CVE-2010-2017: Cross-site scripting (XSS) vulnerability in hasil-pencarian.html in Lokomedia CMS 1.4.1 and 2.0 allo
Cross-site scripting (XSS) vulnerability in hasil-pencarian.html in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to inject arbitrary web script or HTML via the kata parameter. NOTE: some of these details are obtained from third party information.
nvd