Artmedic Webdesign » Artmedic Cms : Security Vulnerabilities, CVEs,
Incomplete blacklist vulnerability in index.php in Artmedic CMS 3.4 and earlier allows remote attackers to execute arbitrary PHP code via a (1) UNC share pathname, or a (2) ftps, (3) ssh2.sftp, or (4) ssh2.scp URL, in the page parameter, for which PHP remote file inclusion is blocked only for http, https, and ftp URLs.
Max CVSS
6.8
EPSS Score
0.36%
Published
2007-10-19
Updated
2017-09-29
Directory traversal vulnerability in index.php in Artmedic CMS 3.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
Max CVSS
7.5
EPSS Score
0.45%
Published
2007-10-17
Updated
2017-09-29
2 vulnerabilities found