Grafxsoftware Minicwb vulnerabilities
2 known vulnerabilities affecting grafxsoftware/minicwb.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2009-4693P3HIGHCVSS 7.5PoCv2.3.02010-03-10
CVE-2009-4693 [HIGH] CWE-94 CVE-2009-4693: Multiple PHP remote file inclusion vulnerabilities in GraFX MiniCWB 2.3.0 allow remote attackers to
Multiple PHP remote file inclusion vulnerabilities in GraFX MiniCWB 2.3.0 allow remote attackers to execute arbitrary PHP code via a URL in the LANG parameter to (1) en.inc.php, (2) hu.inc.php, (3) no.inc.php, (4) ro.inc.php, and (5) ru.inc.php in language/.
nvd
CVE-2008-6620P4MEDIUMCVSS 4.3PoC≤ 2.1.12009-04-06
CVE-2008-6620 [MEDIUM] CWE-79 CVE-2008-6620: Multiple cross-site scripting (XSS) vulnerabilities in javascript/editor/editor/filemanager/browser/
Multiple cross-site scripting (XSS) vulnerabilities in javascript/editor/editor/filemanager/browser/mcpuk/connectors/php/connector.php in GraFX miniCWB 2.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) errcontext, (2) _GET, (3) _POST, (4) _SESSION, (5) _SERVER, and (6) fckphp_config[Debug_SERVER] parameters.
nvd