Boka » Siteengine : Security Vulnerabilities, CVEs,

CVE-2010-4357

SQL injection vulnerability in comments.php in SiteEngine 7.1 allows remote attackers to execute arbitrary SQL commands via the module parameter.
Max CVSS
7.5
EPSS Score
0.13%
Published
2010-12-01
Updated
2010-12-02

CVE-2008-7269

Open redirect vulnerability in api.php in SiteEngine 5.x allows user-assisted remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the forward parameter in a logout action.
Max CVSS
5.8
EPSS Score
1.43%
Published
2010-12-01
Updated
2018-10-11

CVE-2008-7268

The phpinfo function in SiteEngine 5.x allows remote attackers to obtain system information by setting the action parameter to php_info in misc.php.
Max CVSS
5.0
EPSS Score
0.38%
Published
2010-12-01
Updated
2018-10-11

CVE-2008-7267

SQL injection vulnerability in announcements.php in SiteEngine 5.x allows remote attackers to execute arbitrary SQL commands via the id parameter.
Max CVSS
7.5
EPSS Score
0.10%
Published
2010-12-01
Updated
2018-10-11
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close