Interact
by Cce Interact
CVEs (3)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2008-3384 | 0.04 | — | 0.09 | Jul 30, 2008 | Multiple directory traversal vulnerabilities in help/help.php in Interact Learning Community Environment Interact 2.4.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) module and (2) file parameters. | ||
| CVE-2008-3868 | 0.00 | — | 0.00 | Nov 3, 2008 | Cross-site request forgery (CSRF) vulnerability in Interact 2.4.1 allows remote attackers to hijack the authentication of super administrators for requests that create super administrator accounts. | ||
| CVE-2008-3867 | 0.00 | — | 0.01 | Nov 3, 2008 | SQL injection vulnerability in spaces/emailuser.php in Interact 2.4.1 allows remote attackers to execute arbitrary SQL commands via the email_user_key parameter. |
- CVE-2008-3384Jul 30, 2008risk 0.04cvss —epss 0.09
Multiple directory traversal vulnerabilities in help/help.php in Interact Learning Community Environment Interact 2.4.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) module and (2) file parameters.
- CVE-2008-3868Nov 3, 2008risk 0.00cvss —epss 0.00
Cross-site request forgery (CSRF) vulnerability in Interact 2.4.1 allows remote attackers to hijack the authentication of super administrators for requests that create super administrator accounts.
- CVE-2008-3867Nov 3, 2008risk 0.00cvss —epss 0.01
SQL injection vulnerability in spaces/emailuser.php in Interact 2.4.1 allows remote attackers to execute arbitrary SQL commands via the email_user_key parameter.