Scottmanktelow Stride Cms vulnerabilities
2 known vulnerabilities affecting scottmanktelow/stride_cms.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2007-5430P3HIGHCVSS 7.5PoCv1.02007-10-12
CVE-2007-5430 [HIGH] CWE-89 CVE-2007-5430: Multiple SQL injection vulnerabilities in Stride 1.0 allow remote attackers to execute arbitrary SQL
Multiple SQL injection vulnerabilities in Stride 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the p parameter to main.php in the Content Management System, (2) the id parameter in a sto cmd action to shop.php in the Merchant subsystem, or the (3) course or (4) provider parameter to detail.php in the Courses subsystem.
nvd
CVE-2007-5432P3HIGHCVSS 7.5v1.02007-10-12
CVE-2007-5432 [HIGH] CWE-200 CVE-2007-5432: Stride 1.0 has a default administrator username of "scott" with the password "running", which allows
Stride 1.0 has a default administrator username of "scott" with the password "running", which allows remote attackers to obtain administrative access through login.php.
nvd