Cwh Underground : Security Vulnerabilities, CVEs,
Multiple cross-site scripting (XSS) vulnerabilities in upload/file/language_menu.php in ContentNow CMS 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) pageid parameter or (2) PATH_INFO.
Max CVSS
4.3
EPSS Score
0.25%
Published
2008-07-15
Updated
2017-09-29
SQL injection vulnerability in index.php in Demo4 CMS 01 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter.
Max CVSS
7.5
EPSS Score
0.11%
Published
2008-07-02
Updated
2017-09-29
2 vulnerabilities found