Cfmsource
Products
5- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
5| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2008-6324 | 0.03 | — | 0.00 | Feb 27, 2009 | SQL injection vulnerability in forummessages.cfm in CF_Forum allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter. | ||
| CVE-2008-6323 | 0.03 | — | 0.00 | Feb 27, 2009 | SQL injection vulnerability in forummessages.cfm in CFMSource CF_Auction allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter. | ||
| CVE-2008-6322 | 0.03 | — | 0.00 | Feb 27, 2009 | SQL injection vulnerability in index.cfm in CFMSource CFMBlog allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter. | ||
| CVE-2008-6319 | 0.03 | — | 0.00 | Feb 27, 2009 | SQL injection vulnerability in calendarevent.cfm in CF_Calendar allows remote attackers to execute arbitrary SQL commands via the calid parameter. | ||
| CVE-2011-4972 | 0.00 | — | 0.01 | Nov 13, 2019 | hook_file_download in the CKEditor module 7.x-1.4 for Drupal does not properly restrict access to private files, which allows remote attackers to read private files via a direct request. |
- CVE-2008-6324Feb 27, 2009risk 0.03cvss —epss 0.00
SQL injection vulnerability in forummessages.cfm in CF_Forum allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter.
- CVE-2008-6323Feb 27, 2009risk 0.03cvss —epss 0.00
SQL injection vulnerability in forummessages.cfm in CFMSource CF_Auction allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter.
- CVE-2008-6322Feb 27, 2009risk 0.03cvss —epss 0.00
SQL injection vulnerability in index.cfm in CFMSource CFMBlog allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter.
- CVE-2008-6319Feb 27, 2009risk 0.03cvss —epss 0.00
SQL injection vulnerability in calendarevent.cfm in CF_Calendar allows remote attackers to execute arbitrary SQL commands via the calid parameter.
- CVE-2011-4972Nov 13, 2019risk 0.00cvss —epss 0.01
hook_file_download in the CKEditor module 7.x-1.4 for Drupal does not properly restrict access to private files, which allows remote attackers to read private files via a direct request.