VYPR

Ciamos CMS

by Ciamos

CVEs (4)

  • CVE-2005-0828May 2, 2005
    risk 0.04cvss epss 0.09

    highlight.php in (1) RUNCMS 1.1A, (2) CIAMOS 0.9.2 RC1, (3) e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allows remote attackers to read arbitrary PHP files by specifying the pathname in the file parameter, as demonstrated by reading database…

  • CVE-2009-4156Dec 2, 2009
    risk 0.03cvss epss 0.02

    PHP remote file inclusion vulnerability in modules/pms/index.php in Ciamos CMS 0.9.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the module_path parameter.

  • CVE-2006-5257Oct 12, 2006
    risk 0.03cvss epss 0.02

    PHP remote file inclusion vulnerability in modules/forum/include/config.php in Ciamos Content Management System (CMS) 0.9.6b and earlier allows remote attackers to execute arbitrary PHP code via a URL in the module_cache_path parameter.

  • CVE-2005-0827May 2, 2005
    risk 0.00cvss epss 0.01

    Viewcat.php in (1) RUNCMS 1.1A, (2) Ciamos 0.9.2 RC1, e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allow remote attackers to obtain sensitive information via an invalid parameter to the convertorderbytrans function, which reveals the path in a PHP…