VYPR

R2 CMS

by Bitweaver

CVEs (2)

  • CVE-2007-6650Jan 4, 2008
    risk 0.03cvss epss 0.03

    Unrestricted file upload vulnerability in fisheye/upload.php in Bitweaver R2 CMS allows remote attackers to upload arbitrary files by using the image/gif content type, and possibly other image and PDF content types, as demonstrated by uploading a .htaccess file.

  • CVE-2007-6651Jan 4, 2008
    risk 0.03cvss epss 0.04

    Directory traversal vulnerability in wiki/edit.php in Bitweaver R2 CMS allows remote attackers to obtain sensitive information (script source code) via a .. (dot dot) in the suck_url parameter.