Filtered by vendor Impliedbydesign
Subscribe
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-2101 | 1 Impliedbydesign | 1 Navigate | 2024-11-21 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the Navigate bar in the Navigate module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2008-6614 | 1 Impliedbydesign | 1 Ibd Micro Cms | 2024-11-21 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in microcms-admin-login.php in Implied By Design (IBD) Micro CMS 3.5 (aka 0.3.5) allow remote attackers to execute arbitrary SQL commands via (1) the administrators_username parameter (aka the Username field) or (2) the administrators_pass parameter (aka the Password field). | |||||
CVE-2008-6553 | 1 Impliedbydesign | 1 Micro-cms | 2024-11-21 | 7.5 HIGH | N/A |
microcms-admin-home.php in Implied by Design Micro CMS (Micro-CMS) 3.5 (aka 0.3.5) does not require authentication as an administrator, which allows remote attackers to (1) create administrative accounts via an add_admin action, (2) remove administrative accounts via a delete_admin action, and (3) modify administrative passwords via a change_password action. |