RSS   Vulnerabilities for 'Xecms'   RSS

2009-04-10
 
CVE-2008-6714

 

 
admin.php in xeCMS 1.0.0 RC2 and earlier allows remote attackers to bypass authentication and access the admin panel by setting the xecms_username cookie.

 
2007-12-21
 
CVE-2007-6508

CWE-22
 

 
Directory traversal vulnerability in view.php in xeCMS 1.0 allows remote attackers to read arbitrary files via a ..%2F (dot dot slash) in the list parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top