All Club CMS
by All Club CMS
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-7069 | 0.03 | — | 0.03 | Aug 25, 2009 | All Club CMS (ACCMS) 0.0.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database configuration information, including credentials, via a direct request to accms.dat. | |||
| CVE-2008-0601 | 0.03 | — | 0.01 | Feb 6, 2008 | SQL injection vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter. | |||
| CVE-2008-0602 | 0.03 | — | 0.02 | Feb 6, 2008 | Directory traversal vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the class_name parameter. |
- CVE-2008-7069Aug 25, 2009risk 0.03cvss —epss 0.03
All Club CMS (ACCMS) 0.0.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database configuration information, including credentials, via a direct request to accms.dat.
- CVE-2008-0601Feb 6, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter.
- CVE-2008-0602Feb 6, 2008risk 0.03cvss —epss 0.02
Directory traversal vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the class_name parameter.