Vulnerabilities (CVE)

Filtered by vendor Ermenegildo Fiorito Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-1309 1 Ermenegildo Fiorito 1 Irmin Cms 2024-02-28 5.0 MEDIUM N/A
Directory traversal vulnerability in Irmin CMS (formerly Pepsi CMS) 0.6 BETA2 allows remote attackers to read arbitrary files via a .. (dot dot) in the w parameter to index.php.
CVE-2008-7254 1 Ermenegildo Fiorito 1 Irmin Cms 2024-02-28 6.8 MEDIUM N/A
Directory traversal vulnerability in includes/template-loader.php in Irmin CMS (formerly Pepsi CMS) 0.5 and 0.6 BETA2, when register_globals is enabled, allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the _Root_Path parameter. NOTE: some of these details are obtained from third party information.