Ixprim » Ixprim Cms : Security Vulnerabilities, CVEs,
The code function in install.fct.php in Ixprim 1.2 produces a guessable value of the confidential IXP_CODE in mainfile.php, which might allow remote attackers to gain access to the administration panel via a brute force attack.
Max CVSS
5.1
EPSS Score
1.96%
Published
2006-12-27
Updated
2018-10-17
Ixprim 1.2 allows remote attackers to obtain sensitive information via a direct request for kernel/plugins/fckeditor2/ixprim_api.php, which reveals the path in an error message.
Max CVSS
5.0
EPSS Score
0.66%
Published
2006-12-27
Updated
2018-10-17
Multiple SQL injection vulnerabilities in Ixprim 1.2 allow remote attackers to execute arbitrary SQL commands via the story_id parameter to ixm_ixpnews.php, and unspecified other vectors.
Max CVSS
6.5
EPSS Score
0.38%
Published
2006-12-27
Updated
2018-10-17
3 vulnerabilities found