RSS   Vulnerabilities for 'Fastpublish cms'   RSS

2008-10-09
 
CVE-2008-4519

CWE-22
 

 
Multiple directory traversal vulnerabilities in Fastpublish CMS 1.9999 d allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the target parameter to (1) index2.php and (2) index.php.

 
 
CVE-2008-4518

CWE-89
 

 
Multiple SQL injection vulnerabilities in Fastpublish CMS 1.9.9.9.9 d (1.9999 d) allow remote attackers to execute arbitrary SQL commands via the (1) sprache parameter to index2.php and the (2) artikel parameter to index.php.

 
2007-12-13
 
CVE-2007-6325

 

 
PHP remote file inclusion vulnerability in adminbereich/designconfig.php in Fastpublish CMS 1.9999 allows remote attackers to execute arbitrary PHP code via a URL in the config[fsBase] parameter, a different vector than CVE-2006-2726.

 
2006-06-01
 
CVE-2006-2726

 

 
PHP remote file inclusion vulnerability in Fastpublish CMS 1.6.9.d allows remote attackers to include arbitrary files via the config[fsBase] parameter in (1) drucken.php, (2) drucken2.php, (3) email_an_benutzer.php, (4) rechnung.php, (5) suche/search.php and (6) adminbereich/admin.php.

 


Copyright 2024, cxsecurity.com

 

Back to Top