VYPR

CMS

by Ariadne

CVEs (5)

  • CVE-2005-1181May 2, 2005
    risk 0.03cvss epss 0.03

    NOTE: this issue has been disputed by the vendor. PHP remote code injection vulnerability in loader.php for Ariadne CMS 2.4 allows remote attackers to execute arbitrary PHP code by modifying the ariadne parameter to reference a URL on a remote web server that contains the code.…

  • CVE-2011-4938Feb 11, 2020
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in Ariadne 2.7.6 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO parameter to (1) index.php and (2) loader.php.

  • CVE-2008-7125Aug 31, 2009
    risk 0.00cvss epss 0.02

    pphoto in Ariadne before 2.6 allows remote authenticated users with certain privileges to execute arbitrary shell commands via vectors related to PINP programs and the annotate command. NOTE: some of these details are obtained from third party information.

  • CVE-2007-2433May 2, 2007
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in index.php in Ariadne 2.4.1 allows remote attackers to inject arbitrary web script or HTML via the ARLogin parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

  • CVE-2006-5776Nov 7, 2006
    risk 0.00cvss epss 0.02

    Multiple PHP remote file inclusions in Ariadne 2.4.1 allows remote attackers to execute arbitrary PHP code via the ariadne parameter in (1) ftp/loader.php and (2) lib/includes/loader.cmd.php. NOTE: this issue is disputed by CVE, since installation instructions recommend that…