RSS   Vulnerabilities for 'Artmedic cms'   RSS

2007-10-19
 
CVE-2007-5600

CWE-94
 

 
Incomplete blacklist vulnerability in index.php in Artmedic CMS 3.4 and earlier allows remote attackers to execute arbitrary PHP code via a (1) UNC share pathname, or a (2) ftps, (3) ssh2.sftp, or (4) ssh2.scp URL, in the page parameter, for which PHP remote file inclusion is blocked only for http, https, and ftp URLs.

 
2007-10-17
 
CVE-2007-5489

CWE-22
 

 
Directory traversal vulnerability in index.php in Artmedic CMS 3.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.

 

 >>> Vendor: Artmedic webdesign 5 Products
Artmedic links
Artmedic event
Artmedic newsletter
Artmedic cms
Artmedic weblog


Copyright 2017, cxsecurity.com