VYPR

Sapid CMS

by Redgraphic

CVEs (4)

  • CVE-2012-5293Oct 4, 2012
    risk 0.03cvss epss 0.03

    Multiple PHP remote file inclusion vulnerabilities in SAPID CMS 1.2.3 Stable allow remote attackers to execute arbitrary PHP code via a URL in the (1) GLOBALS[root_path] parameter to usr/extensions/get_tree.inc.php or (2) root_path parameter to…

  • CVE-2006-4026Aug 9, 2006
    risk 0.03cvss epss 0.04

    PHP remote file inclusion vulnerability in SAPID CMS 123 rc3 allows remote attackers to execute arbitrary PHP code via a URL in the (1) root_path parameter in usr/extensions/get_infochannel.inc.php and the (2) GLOBALS["root_path"] parameter in usr/extensions/get_tree.inc.php.

  • CVE-2005-4006Dec 5, 2005
    risk 0.00cvss epss 0.02

    SAPID CMS before 1.2.3.03 allows remote attackers to bypass authentication via direct requests to the usr/system files (1) insert_file.php, (2) insert_image.php, (3) insert_link.php, (4) insert_qcfile.php, and (5) edit.php.

  • CVE-2005-4007Dec 5, 2005
    risk 0.00cvss epss 0.01

    Multiple unspecified vulnerabilities in SAPID CMS before 1.2.3.03, related to newly registered users and possibly authorization checks, have unknown impact and attack vectors involving (1) mvc/controller/user_request_analysis.inc.php and (2) usr/xml/ddc/authorization.xml.