Irokez Cms vulnerabilities
2 known vulnerabilities affecting irokez/irokez_cms.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2009-4982P3MEDIUMCVSS 6.8PoCv0.7.12010-08-25
CVE-2009-4982 [MEDIUM] CWE-89 CVE-2009-4982: SQL injection vulnerability in the select function in Irokez CMS 0.7.1, when magic_quotes_gpc is dis
SQL injection vulnerability in the select function in Irokez CMS 0.7.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to the default URI.
nvd
CVE-2006-6771P3MEDIUMCVSS 6.8PoC≤ 0.7.12006-12-27
CVE-2006-6771 [MEDIUM] CVE-2006-6771: Multiple PHP remote file inclusion vulnerabilities in Irokez CMS 0.7.1 and earlier, when register_gl
Multiple PHP remote file inclusion vulnerabilities in Irokez CMS 0.7.1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) GLOBALS[PTH][func] parameter in (a) scripts/gallery.scr.php; the (2) GLOBALS[PTH][spaw] parameter in (b) scripts/xtextarea.scr.php; and the (3) GLOBALS[PTH][classes] par
nvd