Filtered by vendor Dustincowell
Subscribe
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-3307 | 1 Dustincowell | 1 Free Simple Cms | 2024-02-28 | 7.5 HIGH | N/A |
Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) body, (2) footer, (3) header, (4) menu_left, or (5) menu_right parameter. | |||||
CVE-2010-3742 | 1 Dustincowell | 1 Free Simple Cms | 2024-02-28 | 7.5 HIGH | N/A |
Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) meta or (2) phpincdir parameter, a different issue than CVE-2010-3307. | |||||
CVE-2010-4298 | 1 Dustincowell | 1 Free Simple Software | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the download module in Free Simple Software 1.0 allows remote attackers to execute arbitrary SQL commands via the downloads_id parameter in a download_now action to index.php. | |||||
CVE-2010-4311 | 1 Dustincowell | 1 Free Simple Software | 2024-02-28 | 5.0 MEDIUM | N/A |
Free Simple Software 1.0 stores passwords in cleartext, which allows context-dependent attackers to obtain sensitive information. |