Vendor
All Club CMS
Products
1
CVEs
3
Across products
3
Status
Private
Products
1- 3 CVEs
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-7069 | 0.03 | — | 0.03 | Aug 25, 2009 | All Club CMS (ACCMS) 0.0.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database configuration information, including credentials, via a direct request to accms.dat. | |||
| CVE-2008-0601 | 0.03 | — | 0.01 | Feb 6, 2008 | SQL injection vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter. | |||
| CVE-2008-0602 | 0.03 | — | 0.02 | Feb 6, 2008 | Directory traversal vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the class_name parameter. |
- CVE-2008-7069Aug 25, 2009risk 0.03cvss —epss 0.03
All Club CMS (ACCMS) 0.0.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database configuration information, including credentials, via a direct request to accms.dat.
- CVE-2008-0601Feb 6, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter.
- CVE-2008-0602Feb 6, 2008risk 0.03cvss —epss 0.02
Directory traversal vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the class_name parameter.