Hans Oesterholt : Security Vulnerabilities, CVEs, CVSS score >= 5
Content Management Made Easy (CMME) 1.19 allows remote attackers to obtain system information via a direct request to info.php, which invokes the phpinfo function.
Max CVSS
5.0
EPSS Score
0.43%
Published
2009-02-18
Updated
2018-10-11
Multiple directory traversal vulnerabilities in Content Management Made Easy (CMME) 1.12 allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the env parameter in a weblog action to index.php, or (2) create arbitrary directories via a .. (dot dot) in the env parameter in a login action to admin.php.
Max CVSS
5.8
EPSS Score
0.39%
Published
2008-09-04
Updated
2017-09-29
2 vulnerabilities found