Otmanager Cms vulnerabilities
3 known vulnerabilities affecting otmanager/otmanager_cms.
Total CVEs
3
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2008-7179P3HIGHCVSS 7.5PoCv2.42009-09-08
CVE-2008-7179 [HIGH] CWE-287 CVE-2008-7179: OTManager CMS 2.4 allows remote attackers to bypass authentication and gain administrator privileges
OTManager CMS 2.4 allows remote attackers to bypass authentication and gain administrator privileges by setting the ADMIN_Hora, ADMIN_Logado, and ADMIN_Nome cookies to certain values, as reachable in Admin/index.php.
nvd
CVE-2008-5201P3HIGHCVSS 7.5PoCv24a2008-11-21
CVE-2008-5201 [HIGH] CWE-22 CVE-2008-5201: Directory traversal vulnerability in index.php in OTManager CMS 24a allows remote attackers to inclu
Directory traversal vulnerability in index.php in OTManager CMS 24a allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conteudo parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.
nvd
CVE-2008-5202P4MEDIUMCVSS 4.3PoCv24a2008-11-21
CVE-2008-5202 [MEDIUM] CWE-79 CVE-2008-5202: Cross-site scripting (XSS) vulnerability in index.php in OTManager CMS 24a allows remote attackers t
Cross-site scripting (XSS) vulnerability in index.php in OTManager CMS 24a allows remote attackers to inject arbitrary web script or HTML via the conteudo parameter.
nvd