Cce-Interact Interact vulnerabilities
3 known vulnerabilities affecting cce-interact/interact.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2008-3384P3HIGHCVSS 7.5PoCv2.4.12008-07-30
CVE-2008-3384 [HIGH] CWE-22 CVE-2008-3384: Multiple directory traversal vulnerabilities in help/help.php in Interact Learning Community Environ
Multiple directory traversal vulnerabilities in help/help.php in Interact Learning Community Environment Interact 2.4.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) module and (2) file parameters.
nvd
CVE-2008-3867P4MEDIUMCVSS 6.8v2.4.12008-11-03
CVE-2008-3867 [MEDIUM] CWE-89 CVE-2008-3867: SQL injection vulnerability in spaces/emailuser.php in Interact 2.4.1 allows remote attackers to exe
SQL injection vulnerability in spaces/emailuser.php in Interact 2.4.1 allows remote attackers to execute arbitrary SQL commands via the email_user_key parameter.
nvd
CVE-2008-3868P4MEDIUMCVSS 6.8v2.4.12008-11-03
CVE-2008-3868 [MEDIUM] CWE-352 CVE-2008-3868: Cross-site request forgery (CSRF) vulnerability in Interact 2.4.1 allows remote attackers to hijack
Cross-site request forgery (CSRF) vulnerability in Interact 2.4.1 allows remote attackers to hijack the authentication of super administrators for requests that create super administrator accounts.
nvd