VYPR
Vendor

Exhibit Engine

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2006-7184Mar 30, 2007
    risk 0.03cvss epss 0.02

    Multiple PHP remote file inclusion vulnerabilities in Exhibit Engine (EE) 1.22, and possibly earlier, allow remote attackers to execute arbitrary PHP code via a URL in the toroot parameter to (1) fetchsettings.php or (2) fstyles.php. NOTE: the provenance of this information is…

  • CVE-2006-5292Oct 16, 2006
    risk 0.03cvss epss 0.06

    PHP remote file inclusion vulnerability in photo_comment.php in Exhibit Engine 1.5 RC 4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the toroot parameter.

  • CVE-2005-1875Jun 2, 2005
    risk 0.00cvss epss 0.01

    Multiple SQL injection vulnerabilities in list.php in Exhibit Engine (EE) 1.22 allow remote attackers to execute arbitrary SQL commands via the (1) search_row, (2) sort_row, (3) order or (4) perpage parameter.