Enanocms Enano Cms vulnerabilities
2 known vulnerabilities affecting enanocms/enano_cms.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2010-4780P3HIGHCVSS 7.5PoC≤ 1.1.7v0.8.1+21 more2011-04-07
CVE-2010-4780 [HIGH] CWE-89 CVE-2010-4780: SQL injection vulnerability in the check_banlist function in includes/sessions.php in Enano CMS 1.1.
SQL injection vulnerability in the check_banlist function in includes/sessions.php in Enano CMS 1.1.7pl1; 1.0.6pl2; and possibly other versions before 1.1.8, 1.0.6pl3, and 1.1.7pl2 allows remote attackers to execute arbitrary SQL commands via the email parameter to index.php. NOTE: some of these details are obtained from third party information.
nvd
CVE-2010-4781P4MEDIUMCVSS 5.0PoC≤ 1.1.7v0.8.1+21 more2011-04-07
CVE-2010-4781 [MEDIUM] CWE-200 CVE-2010-4781: index.php in Enano CMS 1.1.7pl1, and possibly other versions before 1.1.8, 1.0.6pl3, and 1.1.7pl2, a
index.php in Enano CMS 1.1.7pl1, and possibly other versions before 1.1.8, 1.0.6pl3, and 1.1.7pl2, allows remote attackers to obtain sensitive information via a crafted title parameter, which reveals the installation path in an error message.
nvd