Cjay Content Module
by XOOPS
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-3220 | 0.08 | — | 0.63 | Jun 14, 2007 | PHP remote file inclusion vulnerability in admin/editor2/spaw_control.class.php in the Cjay Content 3 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this may be a duplicate of CVE-2006-4656. | |||
| CVE-2009-4360 | 0.03 | — | 0.01 | Dec 20, 2009 | SQL injection vulnerability in modules/content/index.php in the Content module 0.5 for XOOPS allows remote attackers to inject arbitrary web script or HTML via the id parameter. |
- CVE-2007-3220Jun 14, 2007risk 0.08cvss —epss 0.63
PHP remote file inclusion vulnerability in admin/editor2/spaw_control.class.php in the Cjay Content 3 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this may be a duplicate of CVE-2006-4656.
- CVE-2009-4360Dec 20, 2009risk 0.03cvss —epss 0.01
SQL injection vulnerability in modules/content/index.php in the Content module 0.5 for XOOPS allows remote attackers to inject arbitrary web script or HTML via the id parameter.