Sensesites
Products
1- 4 CVEs
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2012-5342 | 0.03 | — | 0.01 | Oct 9, 2012 | Multiple SQL injection vulnerabilities in SenseSites CommonSense CMS allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) special.php, (2) article.php, or (3) cat2.php. | |||
| CVE-2010-5037 | 0.03 | — | 0.02 | Nov 2, 2011 | SQL injection vulnerability in article.php in SenseSites CommonSense CMS allows remote attackers to execute arbitrary SQL commands via the article_id parameter. | |||
| CVE-2009-4736 | 0.00 | — | 0.01 | Mar 23, 2010 | Cross-site scripting (XSS) vulnerability in search.php in CommonSense CMS 5.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | |||
| CVE-2006-3576 | 0.00 | — | 0.01 | Jul 13, 2006 | SQL injection vulnerability in search.php in SenseSites CommonSense CMS 5.0 allows remote attackers to execute arbitrary SQL commands via the Date parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. |
- CVE-2012-5342Oct 9, 2012risk 0.03cvss —epss 0.01
Multiple SQL injection vulnerabilities in SenseSites CommonSense CMS allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) special.php, (2) article.php, or (3) cat2.php.
- CVE-2010-5037Nov 2, 2011risk 0.03cvss —epss 0.02
SQL injection vulnerability in article.php in SenseSites CommonSense CMS allows remote attackers to execute arbitrary SQL commands via the article_id parameter.
- CVE-2009-4736Mar 23, 2010risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in search.php in CommonSense CMS 5.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter.
- CVE-2006-3576Jul 13, 2006risk 0.00cvss —epss 0.01
SQL injection vulnerability in search.php in SenseSites CommonSense CMS 5.0 allows remote attackers to execute arbitrary SQL commands via the Date parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.