PHP remote file inclusion vulnerability in html/admin/modules/plugin_admin.php in HoMaP-CMS 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the _settings[pluginpath] parameter.
Max CVSS
6.8
EPSS Score
2.25%
Published
2009-04-21
Updated
2017-09-29
SQL injection vulnerability in index.php in HoMaP-CMS 0.1 allows remote attackers to execute arbitrary SQL commands via the go parameter.
Max CVSS
7.5
EPSS Score
0.10%
Published
2008-07-02
Updated
2017-09-29
2 vulnerabilities found