cbcvebase.

Fastpublish Cms vulnerabilities

4 known vulnerabilities affecting fastpublish/fastpublish_cms.

Total CVEs
4
CISA KEV
0
Public exploits
4
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2006-2726P3HIGHCVSS 7.5PoCv1.6.9.d2006-06-01
CVE-2006-2726 [HIGH] CVE-2006-2726: PHP remote file inclusion vulnerability in Fastpublish CMS 1.6.9.d allows remote attackers to includ PHP remote file inclusion vulnerability in Fastpublish CMS 1.6.9.d allows remote attackers to include arbitrary files via the config[fsBase] parameter in (1) drucken.php, (2) drucken2.php, (3) email_an_benutzer.php, (4) rechnung.php, (5) suche/search.php and (6) adminbereich/admin.php.
nvd
CVE-2007-6325P3MEDIUMCVSS 6.8PoCv1.99992007-12-13
CVE-2007-6325 [MEDIUM] CVE-2007-6325: PHP remote file inclusion vulnerability in adminbereich/designconfig.php in Fastpublish CMS 1.9999 a PHP remote file inclusion vulnerability in adminbereich/designconfig.php in Fastpublish CMS 1.9999 allows remote attackers to execute arbitrary PHP code via a URL in the config[fsBase] parameter, a different vector than CVE-2006-2726.
nvd
CVE-2008-4519P3HIGHCVSS 7.5PoCv1.9.9.9.9dv1.9999d2008-10-09
CVE-2008-4519 [HIGH] CWE-22 CVE-2008-4519: Multiple directory traversal vulnerabilities in Fastpublish CMS 1.9999 d allow remote attackers to i Multiple directory traversal vulnerabilities in Fastpublish CMS 1.9999 d allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the target parameter to (1) index2.php and (2) index.php.
nvd
CVE-2008-4518P3HIGHCVSS 7.5PoCv1.9.9.9.9dv1.9999d2008-10-09
CVE-2008-4518 [HIGH] CWE-89 CVE-2008-4518: Multiple SQL injection vulnerabilities in Fastpublish CMS 1.9.9.9.9 d (1.9999 d) allow remote attack Multiple SQL injection vulnerabilities in Fastpublish CMS 1.9.9.9.9 d (1.9999 d) allow remote attackers to execute arbitrary SQL commands via the (1) sprache parameter to index2.php and the (2) artikel parameter to index.php.
nvd
Fastpublish Cms vulnerabilities | cvebase