Aprox » Aproxengine : Security Vulnerabilities, CVEs,
SQL injection vulnerability in index.php in AproxEngine (aka Aprox CMS Engine) 5.1.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Max CVSS
7.5
EPSS Score
0.09%
Published
2008-07-24
Updated
2017-09-29
Directory traversal vulnerability in index.php in AproxEngine 5.1.0.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
Max CVSS
7.5
EPSS Score
1.12%
Published
2008-06-27
Updated
2017-10-19
2 vulnerabilities found