Creasito E-Commerce Content Manager vulnerabilities
2 known vulnerabilities affecting creasito/creasito_e-commerce_content_manager.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2006-5777P3HIGHCVSS 7.5PoC≤ 1.3.082006-11-07
CVE-2006-5777 [HIGH] CVE-2006-5777: Creasito E-Commerce Content Manager 1.3.08 allows remote attackers to bypass authentication and perf
Creasito E-Commerce Content Manager 1.3.08 allows remote attackers to bypass authentication and perform privileged functions via a non-empty finame parameter to (1) addnewcont.php, (2) adminpassw.php, (3) amministrazione.php, (4) artins.php, (5) bgcolor.php, (6) cancartcat.php, (7) canccat.php, (8) cancelart.php, (9) cancontsit.php, (10) chanpassamm.php, (11) d
nvd
CVE-2009-4925P3MEDIUMCVSS 6.8PoCv1.3.162010-07-12
CVE-2009-4925 [MEDIUM] CWE-89 CVE-2009-4925: Multiple SQL injection vulnerabilities in Portale e-commerce Creasito (aka creasito e-commerce conte
Multiple SQL injection vulnerabilities in Portale e-commerce Creasito (aka creasito e-commerce content manager) 1.3.16, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the username parameter to (1) admin/checkuser.php and (2) checkuser.php.
nvd