CMS
by Hycus
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-12984 | Cri | 0.64 | 9.8 | 0.03 | Jun 29, 2018 | Hycus CMS 1.0.4 allows Authentication Bypass via "'=' 'OR'" credentials. | ||
| CVE-2010-4613 | 0.03 | — | 0.06 | Dec 29, 2010 | Multiple directory traversal vulnerabilities in Hycus CMS 1.0.3 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the site parameter to (1) index.php and (2) admin.php. | |||
| CVE-2010-4612 | 0.03 | — | 0.02 | Dec 29, 2010 | Multiple SQL injection vulnerabilities in index.php in Hycus CMS 1.0.3, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) user_name and (2) usr_email parameters to user/1/hregister.html, (3) usr_email parameter to… | |||
| CVE-2011-3745 | 0.00 | — | 0.01 | Sep 23, 2011 | HycusCMS 1.0.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/hycus_template/template.php. |
- risk 0.64cvss 9.8epss 0.03
Hycus CMS 1.0.4 allows Authentication Bypass via "'=' 'OR'" credentials.
- CVE-2010-4613Dec 29, 2010risk 0.03cvss —epss 0.06
Multiple directory traversal vulnerabilities in Hycus CMS 1.0.3 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the site parameter to (1) index.php and (2) admin.php.
- CVE-2010-4612Dec 29, 2010risk 0.03cvss —epss 0.02
Multiple SQL injection vulnerabilities in index.php in Hycus CMS 1.0.3, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) user_name and (2) usr_email parameters to user/1/hregister.html, (3) usr_email parameter to…
- CVE-2011-3745Sep 23, 2011risk 0.00cvss —epss 0.01
HycusCMS 1.0.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/hycus_template/template.php.