RSS   Vulnerabilities for 'Dmcms'   RSS

2008-08-20
 
CVE-2008-3721

CWE-94
 

 
PHP remote file inclusion vulnerability in user_language.php in DeeEmm CMS (DMCMS) 0.7.4 allows remote attackers to execute arbitrary PHP code via a URL in the language_dir parameter.

 
 
CVE-2008-3720

CWE-89
 

 
SQL injection vulnerability in index.php in DeeEmm CMS (DMCMS) 0.7.4 allows remote attackers to execute arbitrary SQL commands via the page parameter. NOTE: the id vector is already covered by CVE-2007-5679.

 
2007-10-24
 
CVE-2007-5679

 

 
SQL injection vulnerability in index.php in DeeEmm.com DM CMS 0.7.0.Beta allows remote attackers to execute arbitrary SQL commands via the id parameter in the media page (build_media_content.php). NOTE: it was later reported that 0.7.4 is also affected.

 


Copyright 2024, cxsecurity.com

 

Back to Top