VYPR

CMS

by Etomite

CVEs (2)

  • CVE-2006-7070Mar 2, 2007
    risk 0.03cvss epss 0.04

    Unrestricted file upload vulnerability in manager/media/ibrowser/scripts/rfiles.php in Etomite CMS 0.6.1 and earlier allows remote attackers to upload and execute arbitrary files via an nfile[] parameter with a filename that contains a .php extension followed by a valid image…

  • CVE-2006-3904Jul 27, 2006
    risk 0.03cvss epss 0.02

    SQL injection vulnerability in manager/index.php in Etomite CMS 0.6.1 and earlier, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter.