VYPR

Bluepage CMS

by Iss Oberlausitz

CVEs (2)

  • CVE-2008-6039Feb 3, 2009
    risk 0.03cvss epss 0.02

    Session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.

  • CVE-2008-6027Feb 3, 2009
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in index.php in BLUEPAGE CMS 2.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) whl, (2) var_1, and (3) search parameters.