Tilde Cms vulnerabilities
4 known vulnerabilities affecting tilde/tilde_cms.
Total CVEs
4
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2007-6159P3HIGHCVSS 7.5PoCv4.02007-11-29
CVE-2007-6159 [HIGH] CVE-2007-6159: SQL injection vulnerability in index.php in Tilde CMS 4.x and earlier allows remote attackers to exe
SQL injection vulnerability in index.php in Tilde CMS 4.x and earlier allows remote attackers to execute arbitrary SQL commands via the aarstal parameter in a yeardetail action, a different vector than CVE-2006-1500.
nvd
CVE-2007-6160P4MEDIUMCVSS 4.3PoCv4.02007-11-29
CVE-2007-6160 [MEDIUM] CWE-79 CVE-2007-6160: Cross-site scripting (XSS) vulnerability in index.php in Tilde CMS 4.x and earlier allows remote att
Cross-site scripting (XSS) vulnerability in index.php in Tilde CMS 4.x and earlier allows remote attackers to inject arbitrary web script or HTML via the aarstal parameter in a yeardetail action.
nvd
CVE-2006-1500P4HIGHCVSS 7.5v3.02006-03-30
CVE-2006-1500 [HIGH] CWE-89 CVE-2006-1500: SQL injection vulnerability in index.php in Tilde CMS 3.0 allows remote attackers to execute arbitra
SQL injection vulnerability in index.php in Tilde CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
nvd
CVE-2007-6161P4MEDIUMCVSS 5.0≤ 4.02007-11-29
CVE-2007-6161 [MEDIUM] CWE-200 CVE-2007-6161: index.php in Tilde CMS 4.x and earlier allows remote attackers to obtain sensitive information via a
index.php in Tilde CMS 4.x and earlier allows remote attackers to obtain sensitive information via a certain search parameter value in a search action, which reveals the path.
nvd