VYPR

Segue

by Segue CMS

CVEs (3)

  • CVE-2007-5186Oct 3, 2007
    risk 0.07cvss epss 0.47

    PHP remote file inclusion vulnerability in index.php in Segue CMS 1.8.4 and earlier, when register_globals is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the themesdir parameter, a different vector than CVE-2006-5497. NOTE: this issue was…

  • CVE-2012-1255Jun 4, 2012
    risk 0.00cvss epss 0.02

    SQL injection vulnerability in Segue 2.2.10.2 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

  • CVE-2012-1254Jun 4, 2012
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Segue 2.2.10.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.