Tutti Nova
by Tutti Nova
CVEs (3)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2006-4277 | 0.04 | — | 0.08 | Aug 21, 2006 | Multiple PHP remote file inclusion vulnerabilities in Tutti Nova 1.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to (1) include/novalib/class.novaAdmin.mysql.php and (2) novalib/class.novaRead.mysql.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||
| CVE-2006-4276 | 0.04 | — | 0.13 | Aug 21, 2006 | PHP remote file inclusion vulnerability in Tutti Nova 1.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to novalib/class.novaEdit.mysql.php. | ||
| CVE-2004-2453 | 0.00 | — | 0.00 | Dec 31, 2004 | Unknown vulnerability in Tutti Nova 0.10 through 0.12 (Beta) and 0.9.4, when register_globals is enabled, has unknown impact and attack vectors. |
- CVE-2006-4277Aug 21, 2006risk 0.04cvss —epss 0.08
Multiple PHP remote file inclusion vulnerabilities in Tutti Nova 1.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to (1) include/novalib/class.novaAdmin.mysql.php and (2) novalib/class.novaRead.mysql.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
- CVE-2006-4276Aug 21, 2006risk 0.04cvss —epss 0.13
PHP remote file inclusion vulnerability in Tutti Nova 1.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to novalib/class.novaEdit.mysql.php.
- CVE-2004-2453Dec 31, 2004risk 0.00cvss —epss 0.00
Unknown vulnerability in Tutti Nova 0.10 through 0.12 (Beta) and 0.9.4, when register_globals is enabled, has unknown impact and attack vectors.