RSS   Vulnerabilities for 'Entertainment cms'   RSS

2007-07-25
 
CVE-2007-4008

 

 
Directory traversal vulnerability in custom.php in Entertainment Media Sharing CMS allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pagename parameter.

 
2007-07-11
 
CVE-2007-3704

CWE-Other
 

 
Entertainment CMS allows remote attackers to bypass authentication and perform certain administrative actions by setting the adminLogged cookie to "Administrator."

 


Copyright 2019, cxsecurity.com

 

Back to Top