VYPR

Sapid Cmf

by Sapid

CVEs (4)

  • CVE-2007-5056Sep 24, 2007
    risk 0.05cvss epss 0.28

    Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made Simple, SAPID CMF, Journalness, PacerCMS, and Open-Realty, allows remote attackers to execute arbitrary code via PHP sequences in the last_module…

  • CVE-2006-4026Aug 9, 2006
    risk 0.03cvss epss 0.04

    PHP remote file inclusion vulnerability in SAPID CMS 123 rc3 allows remote attackers to execute arbitrary PHP code via a URL in the (1) root_path parameter in usr/extensions/get_infochannel.inc.php and the (2) GLOBALS["root_path"] parameter in usr/extensions/get_tree.inc.php.

  • CVE-2005-4006Dec 5, 2005
    risk 0.00cvss epss 0.02

    SAPID CMS before 1.2.3.03 allows remote attackers to bypass authentication via direct requests to the usr/system files (1) insert_file.php, (2) insert_image.php, (3) insert_link.php, (4) insert_qcfile.php, and (5) edit.php.

  • CVE-2005-4007Dec 5, 2005
    risk 0.00cvss epss 0.01

    Multiple unspecified vulnerabilities in SAPID CMS before 1.2.3.03, related to newly registered users and possibly authorization checks, have unknown impact and attack vectors involving (1) mvc/controller/user_request_analysis.inc.php and (2) usr/xml/ddc/authorization.xml.