Content Management System
by Chilek
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-5853 | 0.03 | — | 0.03 | Jan 6, 2009 | Chilek Content Management System (aka ChiCoMaS) 2.0.4 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to (1) obtain database credentials via a direct request for config.inc or (2) read database backups… | |||
| CVE-2008-2016 | 0.00 | — | 0.02 | Apr 30, 2008 | PHP remote file inclusion vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter to the default URI under install/. NOTE: this can also be leveraged to include and execute… | |||
| CVE-2008-2017 | 0.00 | — | 0.02 | Apr 30, 2008 | Directory traversal vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the operation parameter to the default URI under install/. |
- CVE-2008-5853Jan 6, 2009risk 0.03cvss —epss 0.03
Chilek Content Management System (aka ChiCoMaS) 2.0.4 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to (1) obtain database credentials via a direct request for config.inc or (2) read database backups…
- CVE-2008-2016Apr 30, 2008risk 0.00cvss —epss 0.02
PHP remote file inclusion vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter to the default URI under install/. NOTE: this can also be leveraged to include and execute…
- CVE-2008-2017Apr 30, 2008risk 0.00cvss —epss 0.02
Directory traversal vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the operation parameter to the default URI under install/.