Vigilecms

CVEs (3)

CVE	Risk	CVSS	EPSS	Published	Description
CVE-2007-6085	0.03	—	0.03	Nov 22, 2007	Multiple cross-site scripting (XSS) vulnerabilities in index.php in VigileCMS 1.4 allow remote attackers to inject arbitrary web script or HTML via the message field in the (1) vedipm or (2) live_chat module.
CVE-2007-6086	0.03	—	0.04	Nov 22, 2007	Directory traversal vulnerability in index.php in VigileCMS 1.4 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the module parameter.
CVE-2007-6087	0.03	—	0.00	Nov 22, 2007	Cross-site request forgery (CSRF) vulnerability in index.php in VigileCMS 1.4 allows remote attackers to change the admin password via certain parameters to the changepass module.

CVE-2007-6085Nov 22, 2007
risk 0.03cvss —epss 0.03
Multiple cross-site scripting (XSS) vulnerabilities in index.php in VigileCMS 1.4 allow remote attackers to inject arbitrary web script or HTML via the message field in the (1) vedipm or (2) live_chat module.
CVE-2007-6086Nov 22, 2007
risk 0.03cvss —epss 0.04
Directory traversal vulnerability in index.php in VigileCMS 1.4 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the module parameter.
CVE-2007-6087Nov 22, 2007
risk 0.03cvss —epss 0.00
Cross-site request forgery (CSRF) vulnerability in index.php in VigileCMS 1.4 allows remote attackers to change the admin password via certain parameters to the changepass module.