Customcms Ccms vulnerabilities
2 known vulnerabilities affecting customcms/ccms.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2008-4526P3CRITICALCVSS 10.0PoCv3.12008-10-09
CVE-2008-4526 [CRITICAL] CWE-22 CVE-2008-4526: Multiple directory traversal vulnerabilities in CCMS 3.1 allow remote attackers to include and execu
Multiple directory traversal vulnerabilities in CCMS 3.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skin parameter to (1) index.php, (2) forums.php, (3) admin.php, (4) header.php, (5) pages/story.php and (6) pages/poll.php.
nvd
CVE-2007-6658P3HIGHCVSS 7.5PoCv3.12008-01-04
CVE-2007-6658 [HIGH] CWE-89 CVE-2007-6658: SQL injection vulnerability in admin.php/vars.php in CustomCMS (CCMS) 3.1 Demo allows remote attacke
SQL injection vulnerability in admin.php/vars.php in CustomCMS (CCMS) 3.1 Demo allows remote attackers to execute arbitrary SQL commands via the p parameter in the Console page.
nvd