cbcvebase.

Matteoiammarrone S-Cms vulnerabilities

5 known vulnerabilities affecting matteoiammarrone/s-cms.

Total CVEs
5
CISA KEV
0
Public exploits
5
Exploited in wild
0
Severity breakdown
HIGH4MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2009-0864P3HIGHCVSS 7.5PoCv1.12009-03-10
CVE-2009-0864 [HIGH] CWE-287 CVE-2009-0864: S-Cms 1.1 Stable allows remote attackers to bypass authentication and obtain administrative access v S-Cms 1.1 Stable allows remote attackers to bypass authentication and obtain administrative access via an OK value for the login cookie.
nvd
CVE-2010-4771P3HIGHCVSS 7.5PoCv2.52011-03-23
CVE-2010-4771 [HIGH] CWE-89 CVE-2010-4771: SQL injection vulnerability to viewforum.php in S-CMS 2.5 allows remote attackers to execute arbitra SQL injection vulnerability to viewforum.php in S-CMS 2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
nvd
CVE-2009-1502P3HIGHCVSS 7.5PoCv1.1v1.5.22009-05-01
CVE-2009-1502 [HIGH] CWE-22 CVE-2009-1502: Directory traversal vulnerability in plugin.php in S-Cms 1.1 Stable and 1.5.2 allows remote attacker Directory traversal vulnerability in plugin.php in S-Cms 1.1 Stable and 1.5.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter.
nvd
CVE-2009-0863P3HIGHCVSS 7.5PoCv1.12009-03-10
CVE-2009-0863 [HIGH] CWE-89 CVE-2009-0863: SQL injection vulnerability in admin/delete_page.php in S-Cms 1.1 Stable allows remote attackers to SQL injection vulnerability in admin/delete_page.php in S-Cms 1.1 Stable allows remote attackers to execute arbitrary SQL commands via the id parameter.
nvd
CVE-2010-4772P4MEDIUMCVSS 4.3PoCv2.52011-03-23
CVE-2010-4772 [MEDIUM] CWE-79 CVE-2010-4772: Cross-site scripting (XSS) vulnerability in blocks/lang.php in S-CMS 2.5 allows remote attackers to Cross-site scripting (XSS) vulnerability in blocks/lang.php in S-CMS 2.5 allows remote attackers to inject arbitrary web script or HTML via the id parameter to viewforum.php.
nvd
Matteoiammarrone S-Cms vulnerabilities | cvebase