Etouch Samepage vulnerabilities
2 known vulnerabilities affecting etouch/samepage.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2015-2070P3HIGHCVSS 7.5PoCv4.4.0.0.2392015-02-24
CVE-2015-2070 [HIGH] CWE-89 CVE-2015-2070: SQL injection vulnerability in eTouch SamePage Enterprise Edition 4.4.0.0.239 allows remote attacker
SQL injection vulnerability in eTouch SamePage Enterprise Edition 4.4.0.0.239 allows remote attackers to execute arbitrary SQL commands via the catId parameter to cm/blogrss/feed.
nvd
CVE-2015-2071P4MEDIUMCVSS 4.0PoCv4.4.0.0.2392015-02-24
CVE-2015-2071 [MEDIUM] CWE-22 CVE-2015-2071: Directory traversal vulnerability in cm/newui/blog/export.jsp in eTouch SamePage Enterprise Edition
Directory traversal vulnerability in cm/newui/blog/export.jsp in eTouch SamePage Enterprise Edition 4.4.0.0.239 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the filepath parameter.
nvd