Falcon Series One Cms vulnerabilities
3 known vulnerabilities affecting falcon/series_one_cms.
Total CVEs
3
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2007-6488P3MEDIUMCVSS 6.8PoCv1.4.32007-12-20
CVE-2007-6488 [MEDIUM] CWE-20 CVE-2007-6488: Multiple PHP remote file inclusion vulnerabilities in Falcon Series One CMS 1.4.3 allow remote attac
Multiple PHP remote file inclusion vulnerabilities in Falcon Series One CMS 1.4.3 allow remote attackers to execute arbitrary PHP code via a URL in (1) the dir[classes] parameter to sitemap.xml.php or (2) the error parameter to errors.php.
nvd
CVE-2007-6489P3HIGHCVSS 7.5PoCv1.4.32007-12-20
CVE-2007-6489 [HIGH] CVE-2007-6489: Multiple cross-site scripting (XSS) vulnerabilities in Falcon Series One CMS 1.4.3 allow remote atta
Multiple cross-site scripting (XSS) vulnerabilities in Falcon Series One CMS 1.4.3 allow remote attackers to inject arbitrary web script or HTML via the (1) gb_mail, (2) gb_name, and (3) gb_text parameters in a guestbook action to index.php, and unspecified other vectors.
nvd
CVE-2007-6490P4MEDIUMCVSS 4.3PoCv1.4.32007-12-20
CVE-2007-6490 [MEDIUM] CWE-352 CVE-2007-6490: Cross-site request forgery (CSRF) vulnerability in Falcon Series One CMS 1.4.3 allows remote attacke
Cross-site request forgery (CSRF) vulnerability in Falcon Series One CMS 1.4.3 allows remote attackers to change a password via a certain changepass action to index.php.
nvd