Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3417 | 1 Fipsasp | 1 Fipscms Light | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in home/index.asp in fipsCMS light 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the r parameter, a different vector than CVE-2006-6115 and CVE-2007-2561. | |||||
| CVE-2009-2022 | 1 Fipsasp | 1 Fipscms Light | 2024-02-28 | 5.0 MEDIUM | N/A |
| fipsCMS Light 2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file and obtain sensitive information via a direct request for _fipsdb/db.mdb. | |||||