VYPR

Klinza Professional CMS

by Klinza

CVEs (2)

  • CVE-2009-4216Dec 7, 2009
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in funzioni/lib/menulast.php in klinza professional cms 5.0.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG parameter.

  • CVE-2006-5189Oct 10, 2006
    risk 0.03cvss epss 0.05

    PHP remote file inclusion vulnerability in funzioni/lib/show_hlp.php in klinza professional cms 5.0.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the appl[APPL] parameter.