Siteframe
Products
2- 5 CVEs
- 2 CVEs
Recent CVEs
5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-2443 | 0.03 | — | 0.03 | Jul 13, 2009 | Siteframe 3.2.3, and other 3.2.x versions, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function. | |||
| CVE-2008-3256 | 0.03 | — | 0.02 | Jul 22, 2008 | SQL injection vulnerability in folder.php in Siteframe CMS 3.2.3 and earlier, and Siteframe Beaumont 5.0.5 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||
| CVE-2006-0783 | 0.03 | — | 0.02 | Feb 19, 2006 | Cross-site scripting (XSS) vulnerability in page.php in in Siteframe Beaumont, possibly 5.0.2 or 5.0.1a, allows remote attackers to inject arbitrary web script or HTML via the comment_text parameter to the user comment page (/edit/Comment). | |||
| CVE-2006-0675 | 0.03 | — | 0.02 | Feb 13, 2006 | Cross-site scripting (XSS) vulnerability in search.php in Siteframe 5.0.1 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | |||
| CVE-2005-4824 | 0.00 | — | 0.01 | Dec 31, 2005 | PHP remote file inclusion vulnerability in web/classes.php in Siteframe before 3.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the LOCAL_PATH parameter, a different vulnerability than CVE-2005-1965. |
- CVE-2009-2443Jul 13, 2009risk 0.03cvss —epss 0.03
Siteframe 3.2.3, and other 3.2.x versions, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function.
- CVE-2008-3256Jul 22, 2008risk 0.03cvss —epss 0.02
SQL injection vulnerability in folder.php in Siteframe CMS 3.2.3 and earlier, and Siteframe Beaumont 5.0.5 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter.
- CVE-2006-0783Feb 19, 2006risk 0.03cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in page.php in in Siteframe Beaumont, possibly 5.0.2 or 5.0.1a, allows remote attackers to inject arbitrary web script or HTML via the comment_text parameter to the user comment page (/edit/Comment).
- CVE-2006-0675Feb 13, 2006risk 0.03cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in search.php in Siteframe 5.0.1 allows remote attackers to inject arbitrary web script or HTML via the q parameter.
- CVE-2005-4824Dec 31, 2005risk 0.00cvss —epss 0.01
PHP remote file inclusion vulnerability in web/classes.php in Siteframe before 3.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the LOCAL_PATH parameter, a different vulnerability than CVE-2005-1965.