RSS   Vulnerabilities for 'Vigilecms'   RSS

2007-11-21
 
CVE-2007-6087

CWE-352
 

 
Cross-site request forgery (CSRF) vulnerability in index.php in VigileCMS 1.4 allows remote attackers to change the admin password via certain parameters to the changepass module.

 
 
CVE-2007-6086

CWE-22
 

 
Directory traversal vulnerability in index.php in VigileCMS 1.4 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the module parameter.

 
 
CVE-2007-6085

CWE-79
 

 
Multiple cross-site scripting (XSS) vulnerabilities in index.php in VigileCMS 1.4 allow remote attackers to inject arbitrary web script or HTML via the message field in the (1) vedipm or (2) live_chat module.

 


Copyright 2024, cxsecurity.com

 

Back to Top