Klinza Professional Cms vulnerabilities
2 known vulnerabilities affecting klinza/klinza_professional_cms.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2009-4216P3CRITICALCVSS 9.3PoC≤ 5.0.12009-12-07
CVE-2009-4216 [CRITICAL] CWE-22 CVE-2009-4216: Directory traversal vulnerability in funzioni/lib/menulast.php in klinza professional cms 5.0.1 and
Directory traversal vulnerability in funzioni/lib/menulast.php in klinza professional cms 5.0.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG parameter.
nvd
CVE-2006-5189P3HIGHCVSS 7.5PoC≤ 5.0.12006-10-10
CVE-2006-5189 [HIGH] CVE-2006-5189: PHP remote file inclusion vulnerability in funzioni/lib/show_hlp.php in klinza professional cms 5.0.
PHP remote file inclusion vulnerability in funzioni/lib/show_hlp.php in klinza professional cms 5.0.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the appl[APPL] parameter.
nvd