Rhadrix If-Cms vulnerabilities
3 known vulnerabilities affecting rhadrix/if-cms.
Total CVEs
3
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2009-0528P3HIGHCVSS 7.5PoC≤ 2.072009-02-11
CVE-2009-0528 [HIGH] CWE-89 CVE-2009-0528: SQL injection vulnerability in frame.php in Rhadrix If-CMS 2.07 and earlier allows remote attackers
SQL injection vulnerability in frame.php in Rhadrix If-CMS 2.07 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
nvd
CVE-2006-5761P4MEDIUMCVSS 4.3PoCv1.01v2.072006-11-06
CVE-2006-5761 [MEDIUM] CVE-2006-5761: Cross-site scripting (XSS) vulnerability in index.php in Rhadrix If-CMS 1.01 and 2.07 allows remote
Cross-site scripting (XSS) vulnerability in index.php in Rhadrix If-CMS 1.01 and 2.07 allows remote attackers to inject arbitrary web script or HTML via the rns parameter.
nvd
CVE-2006-5759P4MEDIUMCVSS 5.0v1.01v2.072006-11-06
CVE-2006-5759 [MEDIUM] CVE-2006-5759: index.php in Rhadrix If-CMS, possibly 1.01 and 2.07, allows remote attackers to obtain the full path
index.php in Rhadrix If-CMS, possibly 1.01 and 2.07, allows remote attackers to obtain the full path of the web server via empty (1) rns[] or (2) pag[] arguments, which reveals the path in an error message.
nvd