Goople CMS
by Goople Cms
CVEs (4)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2008-6119 | 0.03 | — | 0.03 | Feb 11, 2009 | Static code injection vulnerability in gooplecms/admin/account/action/editpass.php in Goople CMS 1.7 allows remote attackers to inject arbitrary PHP code into admin/userandpass.php via the (1) username and (2) password parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||
| CVE-2008-6118 | 0.03 | — | 0.03 | Feb 11, 2009 | win/content/upload.php in Goople CMS 1.7 allows remote attackers to bypass authentication and gain administrative access by setting the loggedin cookie to 1. | ||
| CVE-2009-0121 | 0.03 | — | 0.00 | Jan 15, 2009 | SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||
| CVE-2009-0111 | 0.03 | — | 0.00 | Jan 9, 2009 | SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. |
- CVE-2008-6119Feb 11, 2009risk 0.03cvss —epss 0.03
Static code injection vulnerability in gooplecms/admin/account/action/editpass.php in Goople CMS 1.7 allows remote attackers to inject arbitrary PHP code into admin/userandpass.php via the (1) username and (2) password parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
- CVE-2008-6118Feb 11, 2009risk 0.03cvss —epss 0.03
win/content/upload.php in Goople CMS 1.7 allows remote attackers to bypass authentication and gain administrative access by setting the loggedin cookie to 1.
- CVE-2009-0121Jan 15, 2009risk 0.03cvss —epss 0.00
SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
- CVE-2009-0111Jan 9, 2009risk 0.03cvss —epss 0.00
SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.