VYPR

TutorialCMS

by TutorialCMS

CVEs (2)

  • CVE-2008-0254Jan 15, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in activate.php in TutorialCMS (aka Photoshop Tutorials) 1.02, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the userName parameter.

  • CVE-2007-2599May 11, 2007
    risk 0.03cvss epss 0.04

    Multiple SQL injection vulnerabilities in TutorialCMS (aka Photoshop Tutorials) 1.00 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) catFile parameter to (a) browseCat.php or (b) browseSubCat.php; the (2) id parameter to (c) openTutorial.php, (d)…