Wavelink Media Tutorialcms vulnerabilities
4 known vulnerabilities affecting wavelink_media/tutorialcms.
Total CVEs
4
CISA KEV
0
Public exploits
4
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2007-2822P3CRITICALCVSS 9.3PoC≤ 1.012007-05-22
CVE-2007-2822 [CRITICAL] CVE-2007-2822: TutorialCMS 1.01 and earlier, when register_globals is enabled, allows remote attackers to bypass au
TutorialCMS 1.01 and earlier, when register_globals is enabled, allows remote attackers to bypass authentication via the (1) loggedIn and (2) activated parameters to (a) login.php, (b) headerLinks.php, (c) submit1.php, (d) myFav.php, and (e) userCP.php.
nvd
CVE-2007-2599P3HIGHCVSS 7.5PoC≤ 1.002007-05-11
CVE-2007-2599 [HIGH] CVE-2007-2599: Multiple SQL injection vulnerabilities in TutorialCMS (aka Photoshop Tutorials) 1.00 and earlier all
Multiple SQL injection vulnerabilities in TutorialCMS (aka Photoshop Tutorials) 1.00 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) catFile parameter to (a) browseCat.php or (b) browseSubCat.php; the (2) id parameter to (c) openTutorial.php, (d) topFrame.php, or (e) admin/editListing.php; or (3) the search parameter to search.p
nvd
CVE-2008-0254P3MEDIUMCVSS 6.8PoCv1.022008-01-15
CVE-2008-0254 [MEDIUM] CWE-89 CVE-2008-0254: SQL injection vulnerability in activate.php in TutorialCMS (aka Photoshop Tutorials) 1.02, when magi
SQL injection vulnerability in activate.php in TutorialCMS (aka Photoshop Tutorials) 1.02, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the userName parameter.
nvd
CVE-2007-2600P4MEDIUMCVSS 6.8PoC≤ 1.002007-05-11
CVE-2007-2600 [MEDIUM] CVE-2007-2600: Multiple cross-site scripting (XSS) vulnerabilities in TutorialCMS (aka Photoshop Tutorials) 1.00 an
Multiple cross-site scripting (XSS) vulnerabilities in TutorialCMS (aka Photoshop Tutorials) 1.00 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) catFile parameter to (a) browseCat.php or (b) browseSubCat.php; the (2) id parameter to (c) openTutorial.php, (d) topFrame.php, or (e) admin/editListing.php; or the (3) search p
nvd