Theratstudios » The Rat Cms : Security Vulnerabilities, CVEs,
Unrestricted file upload vulnerability in admin/add_album.php in The Rat CMS Alpha 2 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/.
Max CVSS
6.8
EPSS Score
1.60%
Published
2009-09-11
Updated
2017-09-19
Multiple cross-site scripting (XSS) vulnerabilities in The Rat CMS Pre-Alpha 2 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to (a) viewarticle.php and (b) viewarticle2.php and the (2) PATH_INFO to viewarticle.php.
Max CVSS
4.3
EPSS Score
0.19%
Published
2008-11-19
Updated
2018-10-11
Multiple SQL injection vulnerabilities in The Rat CMS Pre-Alpha 2 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewarticle.php and (2) viewarticle2.php.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-11-19
Updated
2018-10-11
3 vulnerabilities found