SQL Injection in phpCMS 2008 sp4 via the genre parameter to yp/job.php.
Max CVSS
9.8
EPSS Score
0.17%
Published
2021-06-16
Updated
2021-06-21
phpCMS 2008 sp4 allowas remote malicious users to execute arbitrary php commands via the pagesize parameter to yp/product.php.
Max CVSS
8.8
EPSS Score
0.11%
Published
2021-06-16
Updated
2022-09-29
SQL Injection vulnerability in phpCMS 2007 SP6 build 0805 via the digg_mod parameter to digg_add.php.
Max CVSS
9.8
EPSS Score
0.17%
Published
2021-06-16
Updated
2021-06-21
A code injection vulnerability in /type.php in PHPCMS 2008 allows attackers to write arbitrary content to a website cache file with a controllable filename, leading to arbitrary code execution. The PHP code is sent via the template parameter, and is written to a data/cache_template/*.tpl.php file along with a "<?php function " substring.
Max CVSS
9.8
EPSS Score
79.20%
Published
2018-11-09
Updated
2019-02-04
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!