Pastel Pastelcms vulnerabilities
2 known vulnerabilities affecting pastel/pastelcms.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2009-1405P3MEDIUMCVSS 6.8PoCv0.8.02009-04-24
CVE-2009-1405 [MEDIUM] CWE-22 CVE-2009-1405: Directory traversal vulnerability in index.php in PastelCMS 0.8.0, when magic_quotes_gpc is disabled
Directory traversal vulnerability in index.php in PastelCMS 0.8.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the set_lng parameter.
nvd
CVE-2009-1404P3MEDIUMCVSS 6.8PoCv0.8.02009-04-24
CVE-2009-1404 [MEDIUM] CWE-89 CVE-2009-1404: SQL injection vulnerability in admin.php in PastelCMS 0.8.0, when magic_quotes_gpc is disabled, allo
SQL injection vulnerability in admin.php in PastelCMS 0.8.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user (Username) parameter.
nvd