VYPR

Content Management System

by Chilek

CVEs (3)

  • CVE-2008-5853Jan 6, 2009
    risk 0.03cvss epss 0.03

    Chilek Content Management System (aka ChiCoMaS) 2.0.4 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to (1) obtain database credentials via a direct request for config.inc or (2) read database backups…

  • CVE-2008-2016Apr 30, 2008
    risk 0.00cvss epss 0.02

    PHP remote file inclusion vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter to the default URI under install/. NOTE: this can also be leveraged to include and execute…

  • CVE-2008-2017Apr 30, 2008
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the operation parameter to the default URI under install/.