Hycus Cms vulnerabilities
3 known vulnerabilities affecting hycus/hycus_cms.
Total CVEs
3
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2010-4613P3HIGHCVSS 7.5PoCv1.0.32010-12-29
CVE-2010-4613 [HIGH] CWE-22 CVE-2010-4613: Multiple directory traversal vulnerabilities in Hycus CMS 1.0.3 allow remote attackers to include an
Multiple directory traversal vulnerabilities in Hycus CMS 1.0.3 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the site parameter to (1) index.php and (2) admin.php.
nvd
CVE-2010-4612P3MEDIUMCVSS 6.8PoCv1.0.32010-12-29
CVE-2010-4612 [MEDIUM] CWE-89 CVE-2010-4612: Multiple SQL injection vulnerabilities in index.php in Hycus CMS 1.0.3, when magic_quotes_gpc is dis
Multiple SQL injection vulnerabilities in index.php in Hycus CMS 1.0.3, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) user_name and (2) usr_email parameters to user/1/hregister.html, (3) usr_email parameter to user/1/hlogin.html, (4) useremail parameter to user/1/forgotpass.html, and the (5) q p
nvd
CVE-2011-3745P4MEDIUMCVSS 5.0v1.0.32011-09-23
CVE-2011-3745 [MEDIUM] CWE-200 CVE-2011-3745: HycusCMS 1.0.3 allows remote attackers to obtain sensitive information via a direct request to a .ph
HycusCMS 1.0.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/hycus_template/template.php.
nvd